RepositoryExternal.mk | 7
configure.ac | 2
download.lst | 44
external/curl/ExternalPackage_curl.mk | 2
external/curl/ExternalProject_curl.mk | 3
external/curl/UnpackedTarball_curl.mk | 1
external/curl/clang-cl.patch.0 | 2
external/curl/curl-7.26.0_win-proxy.patch | 13
external/curl/curl-msvc-disable-protocols.patch.1 | 4
external/curl/curl-msvc-zlib.patch.1 | 16
external/curl/curl-msvc.patch.1 | 4
external/curl/curl-nss.patch.1 | 11
external/curl/zlib.patch.0 | 12
external/expat/expat-winapi.patch | 13
external/harfbuzz/62e803b36173fd096d7ad460dd1d1db9be542593.patch.1 | 29
external/harfbuzz/UnpackedTarball_harfbuzz.mk | 1
external/libxml2/ExternalPackage_libxml2.mk | 2
external/libxml2/UnpackedTarball_libxml2.mk | 3
external/libxml2/libxml2-android.patch | 6
external/libxml2/libxml2-config.patch.1 | 43
external/libxml2/xml2-config.in | 28
external/nss/ExternalProject_nss.mk | 4
external/nss/UnpackedTarball_nss.mk | 3
external/nss/asan.patch.1 | 6
external/nss/clang-cl.patch.0 | 12
external/nss/macos-dlopen.patch.0 | 2
external/nss/nss-android.patch.1 | 7
external/nss/nss-bz1646594.patch.1 | 2
external/nss/nss-restore-manual-pre-dependencies.patch.1 | 83 +
external/nss/nss-win32-make.patch.1 | 4
external/nss/nss.aix.patch | 10
external/nss/nss.bzmozilla1238154.patch | 2
external/nss/nss.cygwin64.in32bit.patch | 2
external/nss/nss.nowerror.patch | 2
external/nss/nss.patch | 22
external/nss/nss.utf8bom.patch.1 | 4
external/nss/nss.vs2015.patch | 2
external/nss/nss.vs2015.pdb.patch | 2
external/nss/nss.windows.patch | 6
external/nss/nss_macosx.patch | 6
external/nss/ubsan.patch.0 | 2
external/openssl/ExternalPackage_openssl.mk | 4
external/openssl/ExternalProject_openssl.mk | 15
external/openssl/UnpackedTarball_openssl.mk | 13
external/openssl/ccb0a11145ee72b042d10593a64eaf9e8a55ec12.patch.1 | 56
external/openssl/openssl-1.0.1h-win64.patch.1 | 47
external/openssl/openssl-1.0.2k-cve-2020-1971.patch.1 | 578
----------
external/openssl/openssl-3650-masm.patch.1 | 35
external/openssl/openssl-fixbuild.patch.1 | 23
external/openssl/openssl-no-multilib.patch.0 | 38
external/openssl/openssllnx.patch | 23
external/openssl/opensslsol.patch | 20
external/openssl/opensslwnt.patch | 167 --
external/openssl/opensslwnt_safeseh.patch | 23
external/poppler/StaticLibrary_poppler.mk | 7
external/poppler/UnpackedTarball_poppler.mk | 2
external/poppler/disable-freetype.patch.1 | 41
external/poppler/gcc7-EntityInfo.patch.1 | 48
external/poppler/poppler-config.patch.1 | 69 -
external/postgresql/ExternalProject_postgresql.mk | 2
external/postgresql/postgres-msvc-build.patch.1 | 6
external/python3/ExternalProject_python3.mk | 2
external/python3/python-3.7.6-msvc-ssl.patch.1 | 25
sc/source/core/tool/interpr7.cxx | 3
sdext/Executable_xpdfimport.mk | 4
sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx | 39
sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx | 10
test/source/xmltesttools.cxx | 2
unoxml/source/xpath/xpathobject.cxx | 2
69 files changed, 544 insertions(+), 1189 deletions(-)
New commits:
commit 04260d3dc7e6d15a1e353dc842ce59e058925ba8
Author: Andras Timar <andras.ti...@collabora.com>
AuthorDate: Sat Mar 25 19:25:36 2023 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:25:36 2023 +0100
Bump version to 6.4-64
Change-Id: Iaf0e7714633ac0213ca035633f15cfc7b5cbc1c2
diff --git a/configure.ac b/configure.ac
index 7da378ba6c42..29de3ccf316e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -9,7 +9,7 @@ dnl in order to create a configure script.
# several non-alphanumeric characters, those are split off and used only for
the
# ABOUTBOXPRODUCTVERSIONSUFFIX in openoffice.lst. Why that is necessary, no
idea.
-AC_INIT([Collabora Office],[6.4.10.63],[],[],[https://collaboraoffice.com/])
+AC_INIT([Collabora Office],[6.4.10.64],[],[],[https://collaboraoffice.com/])
dnl libnumbertext needs autoconf 2.68, but that can pick up autoconf268 just
fine if it is installed
dnl whereas aclocal (as run by autogen.sh) insists on using autoconf and fails
hard
commit 403e4bb10d29ba08cb55f9f2a91ae8bcf7ea6e6d
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Fri Feb 24 17:49:23 2023 +0900
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:25:01 2023 +0100
postgresql: upgrade to release 13.10
Fixes CVE-2022-41862
Reference: https://www.postgresql.org/support/security/CVE-2022-41862/
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147834
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit efff34d7bdccf210a5e878bd9bc4d35ec72b71ab)
Change-Id: I6075838972fec1c091f3150b19c5da4dc80ad6d3
diff --git a/download.lst b/download.lst
index fceb83c0a55f..d2ec0f1611aa 100644
--- a/download.lst
+++ b/download.lst
@@ -238,8 +238,8 @@ export LIBPNG_SHA256SUM :=
505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201f
export LIBPNG_TARBALL := libpng-1.6.37.tar.xz
export POPPLER_SHA256SUM :=
d7a8f748211359cadb774ba3e18ecda6464b34027045c0648eb30d5852a41e2e
export POPPLER_TARBALL := poppler-22.09.0.tar.xz
-export POSTGRESQL_SHA256SUM :=
9b81067a55edbaabc418aacef457dd8477642827499560b00615a6ea6c13f6b3
-export POSTGRESQL_TARBALL := postgresql-13.5.tar.bz2
+export POSTGRESQL_SHA256SUM :=
5bbcf5a56d85c44f3a8b058fb46862ff49cbc91834d07e295d02e6de3c216df2
+export POSTGRESQL_TARBALL := postgresql-13.10.tar.bz2
export PYTHON_SHA256SUM :=
f8d82e7572c86ec9d55c8627aae5040124fd2203af400c383c821b980306ee6b
export PYTHON_TARBALL := Python-3.7.10.tar.xz
export QRCODEGEN_SHA256SUM :=
fcdf9fd69fde07ae4dca2351d84271a9de8093002f733b77c70f52f1630f6e4a
commit abf55611e678711ce8d3f5a266ff8140157b3a3a
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Fri Nov 5 14:03:05 2021 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:23:31 2023 +0100
bzip2: upgrade to release 1.0.8
Fixes CVE-2019-12900
Change-Id: If3fcfff78a61c60014ba6d96f1ee0c432ccc52a1
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124758
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 1289125532a029dc80e4ee3d0a49dca253f51888)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124762
Reviewed-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit 7208197a4ac718411fa6e3b4c770fdec8c67557d)
diff --git a/download.lst b/download.lst
index fb3f5de411d1..fceb83c0a55f 100644
--- a/download.lst
+++ b/download.lst
@@ -12,8 +12,8 @@ export BREAKPAD_SHA256SUM :=
7060149be16a8789b0ccf596bdeaf63115f03f520acb508f72a
export BREAKPAD_TARBALL := breakpad.zip
export BSH_SHA256SUM :=
9e93c73e23aff644b17dfff656444474c14150e7f3b38b19635e622235e01c96
export BSH_TARBALL := beeca87be45ec87d241ddd0e1bad80c1-bsh-2.0b6-src.zip
-export BZIP2_SHA256SUM :=
a2848f34fcd5d6cf47def00461fcb528a0484d8edef8208d6d2e2909dc61d9cd
-export BZIP2_TARBALL := 00b516f4704d4a7cb50a1d97e6e8e15b-bzip2-1.0.6.tar.gz
+export BZIP2_SHA256SUM :=
ab5a03176ee106d3f0fa90e381da478ddae405918153cca248e682cd0c4a2269
+export BZIP2_TARBALL := bzip2-1.0.8.tar.gz
export CAIRO_SHA256SUM :=
5e7b29b3f113ef870d1e3ecf8adf21f923396401604bda16d44be45e66052331
export CAIRO_VERSION_MICRO := 0
export CAIRO_TARBALL := cairo-1.16.$(CAIRO_VERSION_MICRO).tar.xz
commit 93a57d57d545cde9b9316bc6f3e97192545498fc
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Mon Oct 17 11:33:50 2022 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:22:17 2023 +0100
libxml2: upgrade to release 2.10.3
Fixes CVE-2022-40304 and CVE-2022-40303.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/141448
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 39b5701976ff3d489c3212d6e2a116d6244c8ad1)
Change-Id: I5be3fd20ccf57596808a26b742aca325ac16f29b
diff --git a/download.lst b/download.lst
index 7ecdad42c103..fb3f5de411d1 100644
--- a/download.lst
+++ b/download.lst
@@ -186,8 +186,8 @@ export LIBTOMMATH_SHA256SUM :=
083daa92d8ee6f4af96a6143b12d7fc8fe1a547e14f862304
export LIBTOMMATH_TARBALL := ltm-1.0.zip
export XMLSEC_SHA256SUM :=
13eec4811ea30e3f0e16a734d1dbf7f9d246a71d540b48d143a07b489f6222d4
export XMLSEC_TARBALL := xmlsec1-1.2.28.tar.gz
-export LIBXML_SHA256SUM :=
d240abe6da9c65cb1900dd9bf3a3501ccf88b3c2a1cb98317d03f272dda5b265
-export LIBXML_VERSION_MICRO := 2
+export LIBXML_SHA256SUM :=
5d2cc3d78bec3dbe212a9d7fa629ada25a7da928af432c93060ff5c17ee28a9c
+export LIBXML_VERSION_MICRO := 3
export LIBXML_TARBALL := libxml2-2.10.$(LIBXML_VERSION_MICRO).tar.xz
export LIBXSLT_SHA256SUM :=
8247f33e9a872c6ac859aa45018bc4c4d00b97e2feac9eebc10c93ce1f34dd79
export LIBXSLT_VERSION_MICRO := 35
commit 1ff9c2ee82b9c8f0a89bbaad2f7ddbe5927fd400
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Sep 14 10:27:02 2022 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:22:17 2023 +0100
libxml2: upgrade to release 2.10.2
Fixes CVE-2022-2309
Change-Id: I180218be275d3b6d38f8f74aa51c57e50d2734ee
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139911
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit d621a8839cebf96fe3ac374026f344f8e68bf011)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139954
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
diff --git a/download.lst b/download.lst
index 75a8075f2b40..7ecdad42c103 100644
--- a/download.lst
+++ b/download.lst
@@ -186,9 +186,9 @@ export LIBTOMMATH_SHA256SUM :=
083daa92d8ee6f4af96a6143b12d7fc8fe1a547e14f862304
export LIBTOMMATH_TARBALL := ltm-1.0.zip
export XMLSEC_SHA256SUM :=
13eec4811ea30e3f0e16a734d1dbf7f9d246a71d540b48d143a07b489f6222d4
export XMLSEC_TARBALL := xmlsec1-1.2.28.tar.gz
-export LIBXML_SHA256SUM :=
60d74a257d1ccec0475e749cba2f21559e48139efba6ff28224357c7c798dfee
-export LIBXML_VERSION_MICRO := 14
-export LIBXML_TARBALL := libxml2-2.9.$(LIBXML_VERSION_MICRO).tar.xz
+export LIBXML_SHA256SUM :=
d240abe6da9c65cb1900dd9bf3a3501ccf88b3c2a1cb98317d03f272dda5b265
+export LIBXML_VERSION_MICRO := 2
+export LIBXML_TARBALL := libxml2-2.10.$(LIBXML_VERSION_MICRO).tar.xz
export LIBXSLT_SHA256SUM :=
8247f33e9a872c6ac859aa45018bc4c4d00b97e2feac9eebc10c93ce1f34dd79
export LIBXSLT_VERSION_MICRO := 35
export LIBXSLT_TARBALL := libxslt-1.1.$(LIBXSLT_VERSION_MICRO).tar.xz
diff --git a/external/libxml2/ExternalPackage_libxml2.mk
b/external/libxml2/ExternalPackage_libxml2.mk
index d38eb68df0cb..6338fb20b9df 100644
--- a/external/libxml2/ExternalPackage_libxml2.mk
+++ b/external/libxml2/ExternalPackage_libxml2.mk
@@ -21,7 +21,7 @@ else # COM=MSC
$(eval $(call
gb_ExternalPackage_add_file,libxml2,$(LIBO_URE_LIB_FOLDER)/libxml2.dll,win32/bin.msvc/libxml2.dll))
endif
else # OS!=WNT
-$(eval $(call
gb_ExternalPackage_add_file,libxml2,$(LIBO_URE_LIB_FOLDER)/libxml2.so.2,.libs/libxml2.so.2.9.$(LIBXML_VERSION_MICRO)))
+$(eval $(call
gb_ExternalPackage_add_file,libxml2,$(LIBO_URE_LIB_FOLDER)/libxml2.so.2,.libs/libxml2.so.2.10.$(LIBXML_VERSION_MICRO)))
endif
endif # DISABLE_DYNLOADING
diff --git a/external/libxml2/libxml2-android.patch
b/external/libxml2/libxml2-android.patch
index 42af83274026..acf9b17e02db 100644
--- a/external/libxml2/libxml2-android.patch
+++ b/external/libxml2/libxml2-android.patch
@@ -2,9 +2,9 @@
+++ misc/build/libxml2-2.7.6/Makefile.in
@@ -1635,7 +1635,7 @@
$(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS)
- check: $(BUILT_SOURCES)
- $(MAKE) $(AM_MAKEFLAGS) check-recursive
--all-am: Makefile $(PROGRAMS) $(LTLIBRARIES) $(SCRIPTS) $(MANS) $(DATA) \
+ $(MAKE) $(AM_MAKEFLAGS) check-local
+ check: check-recursive
+-all-am: Makefile $(PROGRAMS) $(LTLIBRARIES) $(SCRIPTS) $(DATA) \
+all-am: Makefile $(LTLIBRARIES) \
config.h
install-binPROGRAMS: install-libLTLIBRARIES
diff --git a/sc/source/core/tool/interpr7.cxx b/sc/source/core/tool/interpr7.cxx
index 8b58519bcda2..a255d22232d2 100644
--- a/sc/source/core/tool/interpr7.cxx
+++ b/sc/source/core/tool/interpr7.cxx
@@ -222,6 +222,7 @@ void ScInterpreter::ScFilterXML()
case XPATH_STRING:
PushString(OUString::createFromAscii(reinterpret_cast<char*>(pXPathObj->stringval)));
break;
+#if LIBXML_VERSION < 21000 || defined(LIBXML_XPTR_LOCS_ENABLED)
case XPATH_POINT:
PushNoValue();
break;
@@ -231,13 +232,13 @@ void ScInterpreter::ScFilterXML()
case XPATH_LOCATIONSET:
PushNoValue();
break;
+#endif
case XPATH_USERS:
PushNoValue();
break;
case XPATH_XSLT_TREE:
PushNoValue();
break;
-
}
}
}
diff --git a/test/source/xmltesttools.cxx b/test/source/xmltesttools.cxx
index 38420ba384d2..9cfe7b876ad5 100644
--- a/test/source/xmltesttools.cxx
+++ b/test/source/xmltesttools.cxx
@@ -144,9 +144,11 @@ OUString XmlTestTools::getXPathContent(xmlDocPtr pXmlDoc,
const OString& rXPath)
xmlXPathFreeObject(pXmlObj);
return convertedVal;
}
+#if LIBXML_VERSION < 21000 || defined(LIBXML_XPTR_LOCS_ENABLED)
case XPATH_POINT:
case XPATH_RANGE:
case XPATH_LOCATIONSET:
+#endif
case XPATH_USERS:
case XPATH_XSLT_TREE:
xmlXPathFreeObject(pXmlObj);
diff --git a/unoxml/source/xpath/xpathobject.cxx
b/unoxml/source/xpath/xpathobject.cxx
index 2a055f10cdc4..6da7ed351f80 100644
--- a/unoxml/source/xpath/xpathobject.cxx
+++ b/unoxml/source/xpath/xpathobject.cxx
@@ -44,12 +44,14 @@ namespace XPath
return XPathObjectType_XPATH_NUMBER;
case XPATH_STRING:
return XPathObjectType_XPATH_STRING;
+#if LIBXML_VERSION < 21000 || defined(LIBXML_XPTR_LOCS_ENABLED)
case XPATH_POINT:
return XPathObjectType_XPATH_POINT;
case XPATH_RANGE:
return XPathObjectType_XPATH_RANGE;
case XPATH_LOCATIONSET:
return XPathObjectType_XPATH_LOCATIONSET;
+#endif
case XPATH_USERS:
return XPathObjectType_XPATH_USERS;
case XPATH_XSLT_TREE:
commit d0ce73b7d6bf815010e9337313218e18ec8e4cf7
Author: Jan-Marek Glogowski <glo...@fbihome.de>
AuthorDate: Sun May 30 13:23:16 2021 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:22:17 2023 +0100
libxml2: use xml2-config dummy for internal build
When building a static LO with --disable-dynloading on Linux,
--without-system-libs failed for me. And it left me really puzzled:
raptor configure failed and claimed it couldn't link libxml2.
raptor's config.log showed missing math functions. xml2-config of
LO's build is patched and it includes a -lm. The xml2-config in my
chroot doesn't. But we explicitly pass the xml2-config for
non-system-libxml2 build. Reading the configure from raptor didn't
reveal a way, that it could somehow pick up the xml2-config from
the chroot, but that code is autoconf-complex...
When running "sh -x configure", it turned out the configure script
actually picks up the LIBXML_* flags from the environment, which
are set by LO's config_host.mk. These just add -lm for Android.
So this adds a xml2-config.in "dummy", which overwrites the one
from the libxml2 source and just echos LO's LIBXML_* values and
it adds -lm for all DISABLE_DYNLOADING targets.
Change-Id: Ia713cf80c8e7dc989cf23c224e7a0f7ea1210a87
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/116409
Tested-by: Jenkins
Reviewed-by: Jan-Marek Glogowski <glo...@fbihome.de>
(cherry picked from commit 8b9f8f0f9d38cc64f742fe5358fce88d0f82391a)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139965
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 5c044ae7a3246bddbd0513bd5ed3efef10cb1503)
diff --git a/external/libxml2/UnpackedTarball_libxml2.mk
b/external/libxml2/UnpackedTarball_libxml2.mk
index 83df02849cb3..8c81c3d26e4c 100644
--- a/external/libxml2/UnpackedTarball_libxml2.mk
+++ b/external/libxml2/UnpackedTarball_libxml2.mk
@@ -14,7 +14,6 @@ $(eval $(call
gb_UnpackedTarball_set_tarball,libxml2,$(LIBXML_TARBALL),,libxml2)
$(eval $(call gb_UnpackedTarball_update_autoconf_configs,libxml2))
$(eval $(call gb_UnpackedTarball_add_patches,libxml2,\
- external/libxml2/libxml2-config.patch.1 \
external/libxml2/libxml2-global-symbols.patch \
external/libxml2/libxml2-vc10.patch \
$(if $(filter ANDROID,$(OS)),external/libxml2/libxml2-android.patch) \
@@ -23,4 +22,6 @@ $(eval $(call gb_UnpackedTarball_add_patches,libxml2,\
external/libxml2/libxml2-icu.patch.0) \
))
+$(eval $(call
gb_UnpackedTarball_add_file,libxml2,xml2-config.in,external/libxml2/xml2-config.in))
+
# vim: set noet sw=4 ts=4:
diff --git a/external/libxml2/libxml2-config.patch.1
b/external/libxml2/libxml2-config.patch.1
deleted file mode 100644
index 5a2ef1485e92..000000000000
--- a/external/libxml2/libxml2-config.patch.1
+++ /dev/null
@@ -1,43 +0,0 @@
-Hack the xml2-config to return paths into WORKDIR.
-
---- a/xml2-config.in 2009-12-17 11:45:20.000000000 +0000
-+++ b/xml2-config.in 2009-12-17 11:45:36.000000000 +0000
-@@ -1,9 +1,14 @@
- #! /bin/sh
-
--prefix=@prefix@
--exec_prefix=@exec_prefix@
--includedir=@includedir@
--libdir=@libdir@
-+#prefix=@prefix@
-+#exec_prefix=@exec_prefix@
-+#includedir=@includedir@
-+#libdir=@libdir@
-+
-+prefix=${WORKDIR}/UnpackedTarball/libxml2
-+exec_prefix=${WORKDIR}/UnpackedTarball/libxml2
-+includedir=${WORKDIR}/UnpackedTarball/libxml2/include
-+libdir=${WORKDIR}/UnpackedTarball/libxml2/.libs
- cflags=
- libs=
-
-@@ -67,7 +72,8 @@
- ;;
-
- --cflags)
-- cflags="@XML_INCLUDEDIR@ @XML_CFLAGS@"
-+ #cflags="@XML_INCLUDEDIR@ @XML_CFLAGS@"
-+ cflags="-I${includedir}"
- ;;
-
- --libtool-libs)
-@@ -91,7 +96,8 @@
- libs="@XML_LIBDIR@ $libs"
- fi
-
-- libs="$libs @WIN32_EXTRA_LIBADD@"
-+ #libs="$libs @WIN32_EXTRA_LIBADD@"
-+ libs="-L${libdir} -lxml2 -lm"
- ;;
-
- *)
diff --git a/external/libxml2/xml2-config.in b/external/libxml2/xml2-config.in
new file mode 100644
index 000000000000..164508e47e67
--- /dev/null
+++ b/external/libxml2/xml2-config.in
@@ -0,0 +1,28 @@
+#! /bin/sh
+
+while test $# -gt 0; do
+ case "$1" in
+ -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+ *) optarg= ;;
+ esac
+
+ case "$1" in
+ --version)
+ echo @VERSION@
+ exit 0
+ ;;
+ --cflags)
+ cflags="$LIBXML_CFLAGS"
+ ;;
+ --libs)
+ libs="$LIBXML_LIBS"
+ ;;
+ esac
+ shift
+done
+
+if test -n "$cflags$libs"; then
+ echo $cflags $libs
+fi
+
+exit 0
commit e62dde52b573f3a78535d0b2841d3e23166b9e1d
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Sep 14 20:02:03 2022 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:21:50 2023 +0100
harfbuzz: add patch for CVE-2022-33068
Should be fixed in release 4.4.0
Change-Id: I9ff234f9687c7f57d9226df91b17ddb0bc083cca
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139952
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
(cherry picked from commit 424d2e86cc103336fb70cd8ef7aacde1ac2e28ef)
diff --git a/external/harfbuzz/62e803b36173fd096d7ad460dd1d1db9be542593.patch.1
b/external/harfbuzz/62e803b36173fd096d7ad460dd1d1db9be542593.patch.1
new file mode 100644
index 000000000000..2aef204a26e1
--- /dev/null
+++ b/external/harfbuzz/62e803b36173fd096d7ad460dd1d1db9be542593.patch.1
@@ -0,0 +1,29 @@
+From 62e803b36173fd096d7ad460dd1d1db9be542593 Mon Sep 17 00:00:00 2001
+From: Behdad Esfahbod <beh...@behdad.org>
+Date: Wed, 1 Jun 2022 07:38:21 -0600
+Subject: [PATCH] [sbix] Limit glyph extents
+
+Fixes https://github.com/harfbuzz/harfbuzz/issues/3557
+---
+ src/hb-ot-color-sbix-table.hh | 6 ++++++
+ test/fuzzing/fonts/sbix-extents.ttf | Bin 0 -> 582 bytes
+ 2 files changed, 6 insertions(+)
+ create mode 100644 test/fuzzing/fonts/sbix-extents.ttf
+
+diff --git a/src/hb-ot-color-sbix-table.hh b/src/hb-ot-color-sbix-table.hh
+index 9741ebd450..6efae43cda 100644
+--- a/src/hb-ot-color-sbix-table.hh
++++ b/src/hb-ot-color-sbix-table.hh
+@@ -298,6 +298,12 @@ struct sbix
+
+ const PNGHeader &png = *blob->as<PNGHeader>();
+
++ if (png.IHDR.height >= 65536 || png.IHDR.width >= 65536)
++ {
++ hb_blob_destroy (blob);
++ return false;
++ }
++
+ extents->x_bearing = x_offset;
+ extents->y_bearing = png.IHDR.height + y_offset;
+ extents->width = png.IHDR.width;
diff --git a/external/harfbuzz/UnpackedTarball_harfbuzz.mk
b/external/harfbuzz/UnpackedTarball_harfbuzz.mk
index adec72ed0d57..9957f89e1b5c 100644
--- a/external/harfbuzz/UnpackedTarball_harfbuzz.mk
+++ b/external/harfbuzz/UnpackedTarball_harfbuzz.mk
@@ -20,6 +20,7 @@ $(eval $(call gb_UnpackedTarball_set_patchlevel,harfbuzz,0))
$(eval $(call gb_UnpackedTarball_add_patches,harfbuzz, \
external/harfbuzz/ubsan.patch \
external/harfbuzz/icu-65-api-macros-with-semicolon.patch.1 \
+ external/harfbuzz/62e803b36173fd096d7ad460dd1d1db9be542593.patch.1 \
))
# vim: set noet sw=4 ts=4:
commit 9b9cb438331267cf6d2f7c53576e69130881208d
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Sep 14 15:54:49 2022 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:19:49 2023 +0100
poppler: upgrade to release 22.09.0
Fixes CVE-2022-38784
Add external/poppler/disable-freetype.patch.1 to get rid of some new
code that unconditionally requires freetype, to avoid building that on
WNT/MACOSX.
Change-Id: I854d1865286b6fb4112cdf37898cda0203c52f2e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139941
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 8fce9a0a41b1bbebd325fc9d98a79d8decd3950c)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139967
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
Reviewed-by: Noel Grandin <noel.gran...@collabora.co.uk>
(cherry picked from commit bdbb450ed0ded86fb50d6b19a2cce0f11ca74b07)
diff --git a/download.lst b/download.lst
index ad8a4aa0a632..75a8075f2b40 100644
--- a/download.lst
+++ b/download.lst
@@ -236,8 +236,8 @@ export PIXMAN_SHA256SUM :=
21b6b249b51c6800dc9553b65106e1e37d0e25df942c90531d4c3
export PIXMAN_TARBALL := e80ebae4da01e77f68744319f01d52a3-pixman-0.34.0.tar.gz
export LIBPNG_SHA256SUM :=
505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca
export LIBPNG_TARBALL := libpng-1.6.37.tar.xz
-export POPPLER_SHA256SUM :=
7d3493056b5b86413e5c693c2cae02c5c06cd8e618d14c2c31e2c84b67b2313e
-export POPPLER_TARBALL := poppler-22.01.0.tar.xz
+export POPPLER_SHA256SUM :=
d7a8f748211359cadb774ba3e18ecda6464b34027045c0648eb30d5852a41e2e
+export POPPLER_TARBALL := poppler-22.09.0.tar.xz
export POSTGRESQL_SHA256SUM :=
9b81067a55edbaabc418aacef457dd8477642827499560b00615a6ea6c13f6b3
export POSTGRESQL_TARBALL := postgresql-13.5.tar.bz2
export PYTHON_SHA256SUM :=
f8d82e7572c86ec9d55c8627aae5040124fd2203af400c383c821b980306ee6b
diff --git a/external/poppler/UnpackedTarball_poppler.mk
b/external/poppler/UnpackedTarball_poppler.mk
index 68fd06d9403b..0ac3c8aa69c4 100644
--- a/external/poppler/UnpackedTarball_poppler.mk
+++ b/external/poppler/UnpackedTarball_poppler.mk
@@ -13,6 +13,8 @@ $(eval $(call
gb_UnpackedTarball_set_tarball,poppler,$(POPPLER_TARBALL),,poppler
$(eval $(call gb_UnpackedTarball_add_patches,poppler,\
external/poppler/poppler-config.patch.1 \
+ external/poppler/disable-freetype.patch.1 \
+ external/poppler/gcc7-EntityInfo.patch.1 \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/poppler/disable-freetype.patch.1
b/external/poppler/disable-freetype.patch.1
new file mode 100644
index 000000000000..d59006eba979
--- /dev/null
+++ b/external/poppler/disable-freetype.patch.1
@@ -0,0 +1,41 @@
+disable freetype dependent code
+
+--- poppler/poppler/Form.cc.orig 2022-09-14 15:46:48.588316681 +0200
++++ poppler/poppler/Form.cc 2022-09-14 15:48:01.468274551 +0200
+@@ -46,7 +46,7 @@
+ #include <cstdlib>
+ #include <cstring>
+ #include <cctype>
+-#include "goo/ft_utils.h"
++//#include "goo/ft_utils.h"
+ #include "goo/gmem.h"
+ #include "goo/gfile.h"
+ #include "goo/GooString.h"
+@@ -77,8 +77,8 @@
+ #include "fofi/FoFiTrueType.h"
+ #include "fofi/FoFiIdentifier.h"
+
+-#include <ft2build.h>
+-#include FT_FREETYPE_H
++//#include <ft2build.h>
++//#include FT_FREETYPE_H
+
+ // return a newly allocated char* containing an UTF16BE string of size length
+ char *pdfDocEncodingToUTF16(const std::string &orig, int *length)
+@@ -2730,6 +2730,8 @@
+
+ Form::AddFontResult Form::addFontToDefaultResources(const std::string
&filepath, int faceIndex, const std::string &fontFamily, const std::string
&fontStyle)
+ {
++ return {};
++#if 0
+ if (!GooString::endsWith(filepath, ".ttf") &&
!GooString::endsWith(filepath, ".ttc") && !GooString::endsWith(filepath,
".otf")) {
+ error(errIO, -1, "We only support embedding ttf/ttc/otf fonts for
now. The font file for {0:s} {1:s} was {2:s}", fontFamily.c_str(),
fontStyle.c_str(), filepath.c_str());
+ return {};
+@@ -2939,6 +2941,7 @@
+ }
+
+ return { dictFontName, fontDictRef };
++#endif
+ }
+
+ std::string Form::getFallbackFontForChar(Unicode uChar, const GfxFont
&fontToEmulate) const
diff --git a/external/poppler/gcc7-EntityInfo.patch.1
b/external/poppler/gcc7-EntityInfo.patch.1
new file mode 100644
index 000000000000..b450bff93af9
--- /dev/null
+++ b/external/poppler/gcc7-EntityInfo.patch.1
@@ -0,0 +1,48 @@
+gcc 7.3.1 says:
+
+workdir/UnpackedTarball/poppler/poppler/CertificateInfo.cc:42:34: error:
function ‘X509CertificateInfo::EntityInfo&
X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo&&)’
defaulted on its redeclaration with an exception-specification that differs
from the implicit exception-specification ‘’
+
+--- poppler/poppler/CertificateInfo.h.orig 2022-09-14 19:32:12.426351385
+0200
++++ poppler/poppler/CertificateInfo.h 2022-09-14 19:32:18.947347812 +0200
+@@ -70,7 +70,7 @@
+ ~EntityInfo();
+
+ EntityInfo(EntityInfo &&) noexcept;
+- EntityInfo &operator=(EntityInfo &&) noexcept;
++ EntityInfo &operator=(EntityInfo &&) /*noexcept*/;
+
+ EntityInfo(const EntityInfo &) = delete;
+ EntityInfo &operator=(const EntityInfo &) = delete;
+--- poppler/poppler/CertificateInfo.cc.orig 2022-09-14 19:31:10.225385467
+0200
++++ poppler/poppler/CertificateInfo.cc 2022-09-14 19:31:12.572384182 +0200
+@@ -39,7 +39,7 @@
+
+ X509CertificateInfo::EntityInfo::EntityInfo(X509CertificateInfo::EntityInfo
&&other) noexcept = default;
+
+-X509CertificateInfo::EntityInfo
&X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo
&&other) noexcept = default;
++X509CertificateInfo::EntityInfo
&X509CertificateInfo::EntityInfo::operator=(X509CertificateInfo::EntityInfo
&&other) /*noexcept*/ = default;
+
+ X509CertificateInfo::X509CertificateInfo() : ku_extensions(KU_NONE),
cert_version(-1), is_self_signed(false) { }
+
+--- poppler/poppler/GfxFont.cc.orig 2022-09-14 20:24:32.569607333 +0200
++++ poppler/poppler/GfxFont.cc 2022-09-14 20:24:52.323596186 +0200
+@@ -180,7 +180,7 @@
+
+ GfxFontLoc::GfxFontLoc(GfxFontLoc &&other) noexcept = default;
+
+-GfxFontLoc &GfxFontLoc::operator=(GfxFontLoc &&other) noexcept = default;
++GfxFontLoc &GfxFontLoc::operator=(GfxFontLoc &&other) /*noexcept*/ = default;
+
+ void GfxFontLoc::setPath(GooString *pathA)
+ {
+--- poppler/poppler/GfxFont.h.orig 2022-09-14 20:24:30.784608340 +0200
++++ poppler/poppler/GfxFont.h 2022-09-14 20:25:08.850586861 +0200
+@@ -124,7 +124,7 @@
+ GfxFontLoc(const GfxFontLoc &) = delete;
+ GfxFontLoc(GfxFontLoc &&) noexcept;
+ GfxFontLoc &operator=(const GfxFontLoc &) = delete;
+- GfxFontLoc &operator=(GfxFontLoc &&other) noexcept;
++ GfxFontLoc &operator=(GfxFontLoc &&other) /*noexcept*/;
+
+ // Set the 'path' string from a GooString on the heap.
+ // Ownership of the object is taken.
diff --git a/external/poppler/poppler-config.patch.1
b/external/poppler/poppler-config.patch.1
index 2a24d4510197..455a88e2afc4 100644
--- a/external/poppler/poppler-config.patch.1
+++ b/external/poppler/poppler-config.patch.1
@@ -16,7 +16,7 @@ new file mode 100644
index 0fbd336a..451213f8 100644
--- /dev/null
+++ b/config.h
-@@ -0,0 +1,223 @@
+@@ -0,0 +1,220 @@
+/* config.h. Generated from config.h.cmake by cmake. */
+
+/* Build against libcurl. */
@@ -105,9 +105,6 @@ index 0fbd336a..451213f8 100644
+#define HAVE_TIMEGM 1
+#endif
+
-+/* Define if you have the iconv() function and it works. */
-+/* #undef HAVE_ICONV */
-+
+/* Define to 1 if you have the `z' library (-lz). */
+/* #undef HAVE_LIBZ */
+
@@ -176,7 +173,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_NAME "poppler"
+
+/* Define to the full name and version of this package. */
-+#define PACKAGE_STRING "poppler 21.11.0"
++#define PACKAGE_STRING "poppler 22.09.0"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "poppler"
@@ -185,7 +182,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
-+#define PACKAGE_VERSION "21.11.0"
++#define PACKAGE_VERSION "22.09.0"
+
+/* Poppler data dir */
+#define POPPLER_DATADIR "/usr/local/share/poppler"
@@ -203,7 +200,7 @@ index 0fbd336a..451213f8 100644
+/* #undef USE_FLOAT */
+
+/* Version number of package */
-+#define VERSION "21.11.0"
++#define VERSION "22.09.0"
+
+#if defined(__APPLE__)
+#elif defined (_WIN32)
@@ -229,7 +226,7 @@ index 0fbd336a..451213f8 100644
+#define popen _popen
+#define pclose _pclose
+#define strncasecmp _strnicmp
-+// error C4005: "strcasecmp": macro redefinition #define strcasecmp
_stricmp
++#define strcasecmp _stricmp
+#endif
+
+/* Number of bits in a file offset, on hosts where this is settable. */
@@ -250,7 +247,7 @@ index 0fbd336a..451213f8 100644
+//
+// poppler-config.h
+//
-+// Copyright 1996-2011 Glyph & Cog, LLC
++// Copyright 1996-2011, 2022 Glyph & Cog, LLC
+//
+//========================================================================
+
@@ -284,7 +281,7 @@ index 0fbd336a..451213f8 100644
+
+/* Defines the poppler version. */
+#ifndef POPPLER_VERSION
-+#define POPPLER_VERSION "21.11.0"
++#define POPPLER_VERSION "22.09.0"
+#endif
+
+/* Use single precision arithmetic in the Splash backend */
@@ -376,8 +373,8 @@ index 0fbd336a..451213f8 100644
+//------------------------------------------------------------------------
+
+// copyright notice
-+#define popplerCopyright "Copyright 2005-2021 The Poppler Developers -
http://poppler.freedesktop.org";
-+#define xpdfCopyright "Copyright 1996-2011 Glyph & Cog, LLC"
++#define popplerCopyright "Copyright 2005-2022 The Poppler Developers -
http://poppler.freedesktop.org";
++#define xpdfCopyright "Copyright 1996-2011, 2022 Glyph & Cog, LLC"
+
+//------------------------------------------------------------------------
+// Win32 stuff
@@ -436,9 +433,9 @@ index 0fbd336a..451213f8 100644
+
+#include "poppler-global.h"
+
-+#define POPPLER_VERSION "21.11.0"
-+#define POPPLER_VERSION_MAJOR 21
-+#define POPPLER_VERSION_MINOR 11
++#define POPPLER_VERSION "22.09.0"
++#define POPPLER_VERSION_MAJOR 22
++#define POPPLER_VERSION_MINOR 9
+#define POPPLER_VERSION_MICRO 0
+
+namespace poppler
diff --git a/sdext/Executable_xpdfimport.mk b/sdext/Executable_xpdfimport.mk
index 360358d450d2..7b951a2cd0c6 100644
--- a/sdext/Executable_xpdfimport.mk
+++ b/sdext/Executable_xpdfimport.mk
@@ -22,6 +22,10 @@ $(eval $(call
gb_Executable_add_exception_objects,xpdfimport,\
sdext/source/pdfimport/xpdfwrapper/wrapper_gpl \
))
+$(eval $(call gb_Executable_use_system_win32_libs,xpdfimport,\
+ shell32 \
+))
+
$(eval $(call gb_Executable_add_default_nativeres,xpdfimport))
# vim:set noet sw=4 ts=4:
commit 83b93fec26cb1b9bfafbabd76ae9c57f92270ed5
Author: Caolán McNamara <caol...@redhat.com>
AuthorDate: Thu Jan 13 19:41:59 2022 +0000
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:19:49 2023 +0100
upgrade poppler to 22.01.0
and popppler-data to 0.4.11
Change-Id: Ibd8c28f36408a670b5853f1b266c6b8c36916a61
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/128398
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit 9dbfda4cea569459e42203771754b902c1a09759)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139966
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
Tested-by: Noel Grandin <noel.gran...@collabora.co.uk>
Reviewed-by: Noel Grandin <noel.gran...@collabora.co.uk>
(cherry picked from commit 486a1004982b4072b488e8c42a7e09afd8043c2e)
diff --git a/download.lst b/download.lst
index 2f746b1300a0..ad8a4aa0a632 100644
--- a/download.lst
+++ b/download.lst
@@ -236,8 +236,8 @@ export PIXMAN_SHA256SUM :=
21b6b249b51c6800dc9553b65106e1e37d0e25df942c90531d4c3
export PIXMAN_TARBALL := e80ebae4da01e77f68744319f01d52a3-pixman-0.34.0.tar.gz
export LIBPNG_SHA256SUM :=
505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca
export LIBPNG_TARBALL := libpng-1.6.37.tar.xz
-export POPPLER_SHA256SUM :=
31b76b5cac0a48612fdd154c02d9eca01fd38fb8eaa77c1196840ecdeb53a584
-export POPPLER_TARBALL := poppler-21.11.0.tar.xz
+export POPPLER_SHA256SUM :=
7d3493056b5b86413e5c693c2cae02c5c06cd8e618d14c2c31e2c84b67b2313e
+export POPPLER_TARBALL := poppler-22.01.0.tar.xz
export POSTGRESQL_SHA256SUM :=
9b81067a55edbaabc418aacef457dd8477642827499560b00615a6ea6c13f6b3
export POSTGRESQL_TARBALL := postgresql-13.5.tar.bz2
export PYTHON_SHA256SUM :=
f8d82e7572c86ec9d55c8627aae5040124fd2203af400c383c821b980306ee6b
diff --git a/external/poppler/StaticLibrary_poppler.mk
b/external/poppler/StaticLibrary_poppler.mk
index bcb66b49299a..1f1adba6ee34 100644
--- a/external/poppler/StaticLibrary_poppler.mk
+++ b/external/poppler/StaticLibrary_poppler.mk
@@ -84,6 +84,8 @@ $(eval $(call
gb_StaticLibrary_add_generated_exception_objects,poppler,\
UnpackedTarball/poppler/poppler/Decrypt \
UnpackedTarball/poppler/poppler/Dict \
UnpackedTarball/poppler/poppler/Error \
+ UnpackedTarball/poppler/poppler/FDPDFDocBuilder \
+ UnpackedTarball/poppler/poppler/FILECacheLoader \
UnpackedTarball/poppler/poppler/FileSpec \
UnpackedTarball/poppler/poppler/FontEncodingTables \
UnpackedTarball/poppler/poppler/Form \
@@ -94,6 +96,7 @@ $(eval $(call
gb_StaticLibrary_add_generated_exception_objects,poppler,\
UnpackedTarball/poppler/poppler/GfxState \
UnpackedTarball/poppler/poppler/GlobalParams \
UnpackedTarball/poppler/poppler/Hints \
+ UnpackedTarball/poppler/poppler/ImageEmbeddingUtils \
UnpackedTarball/poppler/poppler/JArithmeticDecoder \
UnpackedTarball/poppler/poppler/JBIG2Stream \
UnpackedTarball/poppler/poppler/JSInfo \
@@ -130,8 +133,6 @@ $(eval $(call
gb_StaticLibrary_add_generated_exception_objects,poppler,\
UnpackedTarball/poppler/poppler/TextOutputDev \
UnpackedTarball/poppler/poppler/PageLabelInfo \
UnpackedTarball/poppler/poppler/SecurityHandler \
- UnpackedTarball/poppler/poppler/StdinCachedFile \
- UnpackedTarball/poppler/poppler/StdinPDFDocBuilder \
UnpackedTarball/poppler/poppler/Sound \
UnpackedTarball/poppler/poppler/ViewerPreferences \
UnpackedTarball/poppler/poppler/Movie \
commit 2138be11e74b9b592e2e54f35d75f96f8fb7276c
Author: Sam James <s...@gentoo.org>
AuthorDate: Fri Sep 2 04:31:18 2022 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:19:49 2023 +0100
Fix build with Poppler 22.09.0
With Poppler 22.09.0, LO fails to build with:
```
/var/tmp/portage/app-office/libreoffice-7.3.5.2/work/libreoffice-7.3.5.2/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx:682:36:
error: too many arguments to function call, expected single argument 'start',
have 3 arguments
state->getLineDash(&dashArray, &arrayLen, &startOffset);
~~~~~~~~~~~~~~~~~~ ^~~~~~~~~~~~~~~~~~~~~~~
/usr/include/poppler/GfxState.h:1506:32: note: 'getLineDash' declared here
const std::vector<double> &getLineDash(double *start)
^
1 error generated.
```
Poppler changed the getLineDash interface:
```
- void getLineDash(double **dash, int *length, double *start)
+ const std::vector<double> &getLineDash(double *start)
```
Signed-off-by: Sam James <s...@gentoo.org>
Change-Id: I29e18f20d7650a7fcac1bc8ab4aaa04aaa2ab8fb
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139249
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit b7d63694985bbb1cf86eb71769feadb28ce68c17)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139835
(cherry picked from commit 89d2ecd6bc71fc6e581cff595b18ae67a13d8b11)
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
index 85cd88d50162..d621aabc8204 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
@@ -661,8 +661,15 @@ void PDFOutDev::updateLineDash(GfxState *state)
return;
assert(state);
- double* dashArray; int arrayLen; double startOffset;
+ int arrayLen; double startOffset;
+#if POPPLER_CHECK_VERSION(22, 9, 0)
+ const std::vector<double> &dash = state->getLineDash(&startOffset);
+ const double* dashArray = dash.data();
+ arrayLen = dash.size();
+#else
+ double* dashArray;
state->getLineDash(&dashArray, &arrayLen, &startOffset);
+#endif
printf( "updateLineDash" );
if( arrayLen && dashArray )
commit 58648d46629e81f887f65b5b76a1252005b49394
Author: Nathan Pratta Teodosio <nathan.teodo...@canonical.com>
AuthorDate: Tue Jun 21 08:47:14 2022 -0300
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:19:48 2023 +0100
Update for Poppler 22.06
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/136261
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 0d0469b4302dfe95b016a6f04b145834b79d5ed3)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/136319
Reviewed-by: Adolfo Jayme Barrientos <fit...@ubuntu.com>
(cherry picked from commit 56c7e666ebf47d6cdf29adf85fc5de56246be86d)
Follow-up for Poppler 22.06 update
Change-Id: I8ee9f1a53cc4389e6a4d44e9765b478b5edfffd4
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/136342
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit ad1ffc62e40c2409b610dfff25a8483b1f2556ad)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/136382
Reviewed-by: Adolfo Jayme Barrientos <fit...@ubuntu.com>
(cherry picked from commit 71fb0151f985924af60c383331b214a5a27790a5)
diff --git a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
index 16ad04bf660a..85cd88d50162 100644
--- a/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
+++ b/sdext/source/pdfimport/xpdfwrapper/pdfioutdev_gpl.cxx
@@ -456,12 +456,21 @@ int PDFOutDev::parseFont( long long nNewId, GfxFont*
gfxFont, GfxState* state )
{
// TODO(P3): Unfortunately, need to read stream twice, since
// we must write byte count to stdout before
+#if POPPLER_CHECK_VERSION(22, 6, 0)
+ std::optional<std::vector<unsigned char>> pBuf =
gfxFont->readEmbFontFile( m_pDoc->getXRef() );
+ if ( pBuf )
+ {
+ aNewFont.isEmbedded = true;
+ nSize = pBuf->size();
+ }
+#else
char* pBuf = gfxFont->readEmbFontFile( m_pDoc->getXRef(), &nSize );
if( pBuf )
{
aNewFont.isEmbedded = true;
gfree(pBuf);
}
+#endif
}
m_aFontMap[ nNewId ] = aNewFont;
@@ -474,13 +483,29 @@ void PDFOutDev::writeFontFile( GfxFont* gfxFont ) const
return;
int nSize = 0;
+#if POPPLER_CHECK_VERSION(22, 6, 0)
+ std::optional<std::vector<unsigned char>> pBuf = gfxFont->readEmbFontFile(
m_pDoc->getXRef() );
+ if ( pBuf )
+ nSize = pBuf->size();
+ if ( nSize == 0 )
+ return;
+#else
char* pBuf = gfxFont->readEmbFontFile( m_pDoc->getXRef(), &nSize );
if( !pBuf )
return;
+#endif
// ---sync point--- see SYNC STREAMS above
fflush(stdout);
+#if POPPLER_CHECK_VERSION(22, 6, 0)
+ if( fwrite(pBuf->data(), sizeof(*pBuf->data()), nSize, g_binary_out) !=
static_cast<size_t>(nSize) )
+ {
+ exit(1); // error
+ }
+ // ---sync point--- see SYNC STREAMS above
+ fflush(g_binary_out);
+#else
if( fwrite(pBuf, sizeof(char), nSize, g_binary_out) !=
static_cast<size_t>(nSize) )
{
gfree(pBuf);
@@ -489,6 +514,7 @@ void PDFOutDev::writeFontFile( GfxFont* gfxFont ) const
// ---sync point--- see SYNC STREAMS above
fflush(g_binary_out);
gfree(pBuf);
+#endif
}
#if POPPLER_CHECK_VERSION(0, 83, 0)
@@ -742,7 +768,11 @@ void PDFOutDev::updateFont(GfxState *state)
{
assert(state);
+#if POPPLER_CHECK_VERSION(22, 6, 0)
+ GfxFont *gfxFont = state->getFont().get();
+#else
GfxFont *gfxFont = state->getFont();
+#endif
if( !gfxFont )
return;
diff --git a/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx
b/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx
index b1a54bd09c5f..3ab3381652cd 100644
--- a/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx
+++ b/sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx
@@ -119,6 +119,15 @@ int main(int argc, char **argv)
_setmode( _fileno( g_binary_out ), _O_BINARY );
#endif
+#if POPPLER_CHECK_VERSION(22, 6, 0)
+ PDFDoc aDoc( std::make_unique<GooString>(pFileName),
+ std::optional<GooString>(pOwnerPasswordStr),
+ std::optional<GooString>(pUserPasswordStr) );
+
+ PDFDoc aErrDoc( std::make_unique<GooString>(pErrFileName),
+ std::optional<GooString>(pOwnerPasswordStr),
+ std::optional<GooString>(pUserPasswordStr) );
+#else
PDFDoc aDoc( pFileName,
pOwnerPasswordStr,
pUserPasswordStr );
@@ -126,6 +135,7 @@ int main(int argc, char **argv)
PDFDoc aErrDoc( pErrFileName,
pOwnerPasswordStr,
pUserPasswordStr );
+#endif
// Check various permissions for aDoc.
PDFDoc &rDoc = aDoc.isOk()? aDoc: aErrDoc;
commit c9464c59f119bbf923d7c0bdab20712c37686e0b
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Thu Nov 11 11:01:43 2021 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:19:43 2023 +0100
poppler: upgrade to release 21.11.0
The changelogs tend to mention "crash in malformed files" a lot.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/125034
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 03bc0f97205593547ddf1fc8d4fb396479bcab6d)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124973
Reviewed-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit 22beb8f80985ea73e2c98d14480e53da81673c67)
Change-Id: Iadc1d9cc23abd09a8fff58ba0cb7a7803236a542
diff --git a/download.lst b/download.lst
index 2680f11a5cc3..2f746b1300a0 100644
--- a/download.lst
+++ b/download.lst
@@ -236,8 +236,8 @@ export PIXMAN_SHA256SUM :=
21b6b249b51c6800dc9553b65106e1e37d0e25df942c90531d4c3
export PIXMAN_TARBALL := e80ebae4da01e77f68744319f01d52a3-pixman-0.34.0.tar.gz
export LIBPNG_SHA256SUM :=
505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca
export LIBPNG_TARBALL := libpng-1.6.37.tar.xz
-export POPPLER_SHA256SUM :=
016dde34e5f868ea98a32ca99b643325a9682281500942b7113f4ec88d20e2f3
-export POPPLER_TARBALL := poppler-21.01.0.tar.xz
+export POPPLER_SHA256SUM :=
31b76b5cac0a48612fdd154c02d9eca01fd38fb8eaa77c1196840ecdeb53a584
+export POPPLER_TARBALL := poppler-21.11.0.tar.xz
export POSTGRESQL_SHA256SUM :=
9b81067a55edbaabc418aacef457dd8477642827499560b00615a6ea6c13f6b3
export POSTGRESQL_TARBALL := postgresql-13.5.tar.bz2
export PYTHON_SHA256SUM :=
f8d82e7572c86ec9d55c8627aae5040124fd2203af400c383c821b980306ee6b
diff --git a/external/poppler/StaticLibrary_poppler.mk
b/external/poppler/StaticLibrary_poppler.mk
index 3cc0a95e3617..bcb66b49299a 100644
--- a/external/poppler/StaticLibrary_poppler.mk
+++ b/external/poppler/StaticLibrary_poppler.mk
@@ -72,6 +72,7 @@ $(eval $(call
gb_StaticLibrary_add_generated_exception_objects,poppler,\
UnpackedTarball/poppler/fofi/FoFiType1C \
UnpackedTarball/poppler/fofi/FoFiIdentifier \
UnpackedTarball/poppler/poppler/Annot \
+ UnpackedTarball/poppler/poppler/AnnotStampImageHelper \
UnpackedTarball/poppler/poppler/Array \
UnpackedTarball/poppler/poppler/BBoxOutputDev \
UnpackedTarball/poppler/poppler/CachedFile \
@@ -136,6 +137,7 @@ $(eval $(call
gb_StaticLibrary_add_generated_exception_objects,poppler,\
UnpackedTarball/poppler/poppler/Movie \
UnpackedTarball/poppler/poppler/Rendition \
UnpackedTarball/poppler/poppler/DCTStream \
+ UnpackedTarball/poppler/splash/SplashBitmap \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/poppler/poppler-config.patch.1
b/external/poppler/poppler-config.patch.1
index b902402ea4e7..2a24d4510197 100644
--- a/external/poppler/poppler-config.patch.1
+++ b/external/poppler/poppler-config.patch.1
@@ -16,7 +16,7 @@ new file mode 100644
index 0fbd336a..451213f8 100644
--- /dev/null
+++ b/config.h
-@@ -0,0 +1,221 @@
+@@ -0,0 +1,223 @@
+/* config.h. Generated from config.h.cmake by cmake. */
+
+/* Build against libcurl. */
@@ -176,7 +176,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_NAME "poppler"
+
+/* Define to the full name and version of this package. */
-+#define PACKAGE_STRING "poppler 21.01.0"
++#define PACKAGE_STRING "poppler 21.11.0"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "poppler"
@@ -185,7 +185,7 @@ index 0fbd336a..451213f8 100644
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
-+#define PACKAGE_VERSION "21.01.0"
++#define PACKAGE_VERSION "21.11.0"
+
+/* Poppler data dir */
+#define POPPLER_DATADIR "/usr/local/share/poppler"
@@ -203,7 +203,7 @@ index 0fbd336a..451213f8 100644
+/* #undef USE_FLOAT */
+
+/* Version number of package */
-+#define VERSION "21.01.0"
++#define VERSION "21.11.0"
+
+#if defined(__APPLE__)
+#elif defined (_WIN32)
@@ -228,6 +228,8 @@ index 0fbd336a..451213f8 100644
+#if defined(_MSC_VER) || defined(__BORLANDC__)
+#define popen _popen
+#define pclose _pclose
++#define strncasecmp _strnicmp
++// error C4005: "strcasecmp": macro redefinition #define strcasecmp
_stricmp
+#endif
+
+/* Number of bits in a file offset, on hosts where this is settable. */
@@ -243,7 +245,7 @@ new file mode 100644
index 0fbd336a..451213f8 100644
--- /dev/null
+++ b/poppler/poppler-config.h
-@@ -0,0 +1,166 @@
+@@ -0,0 +1,161 @@
+//================================================= -*- mode: c++ -*- ====
+//
+// poppler-config.h
@@ -282,7 +284,7 @@ index 0fbd336a..451213f8 100644
+
+/* Defines the poppler version. */
+#ifndef POPPLER_VERSION
-+#define POPPLER_VERSION "21.01.0"
++#define POPPLER_VERSION "21.11.0"
+#endif
+
+/* Use single precision arithmetic in the Splash backend */
@@ -369,11 +371,6 @@ index 0fbd336a..451213f8 100644
+/* #undef USE_BOOST_HEADERS */
+#endif
+
-+/* Is splash backend available */
-+#ifndef HAVE_SPLASH
-+/* #undef HAVE_SPLASH */
-+#endif
-+
+//------------------------------------------------------------------------
+// version
+//------------------------------------------------------------------------
@@ -439,9 +436,9 @@ index 0fbd336a..451213f8 100644
+
+#include "poppler-global.h"
+
-+#define POPPLER_VERSION "21.01.0"
++#define POPPLER_VERSION "21.11.0"
+#define POPPLER_VERSION_MAJOR 21
-+#define POPPLER_VERSION_MINOR 1
++#define POPPLER_VERSION_MINOR 11
+#define POPPLER_VERSION_MICRO 0
+
+namespace poppler
@@ -455,3 +452,38 @@ index 0fbd336a..451213f8 100644
+}
+
+#endif
+diff --git a/poppler_private_export.h b/poppler_private_export.h
+new file mode 100644
+index 0fbd336a..451213f8 100644
+--- /dev/null
++++ b/poppler_private_export.h
+@@ -0,0 +1,11 @@
++
++#ifndef POPPLER_PRIVATE_EXPORT_H
++#define POPPLER_PRIVATE_EXPORT_H
++
++# define POPPLER_PRIVATE_EXPORT
++# define POPPLER_PRIVATE_NO_EXPORT
++# define POPPLER_PRIVATE_DEPRECATED
++# define POPPLER_PRIVATE_DEPRECATED_EXPORT
++# define POPPLER_PRIVATE_DEPRECATED_NO_EXPORT
++
++#endif /* POPPLER_PRIVATE_EXPORT_H */
+
+diff --git a/cpp/poppler_cpp_export.h b/cpp/poppler_cpp_export.h
+new file mode 100644
+index 0fbd336a..451213f8 100644
+--- /dev/null
++++ b/cpp/poppler_cpp_export.h
+@@ -0,0 +1,11 @@
++
++#ifndef POPPLER_CPP_EXPORT_H
++#define POPPLER_CPP_EXPORT_H
++
++# define POPPLER_CPP_EXPORT
++# define POPPLER_CPP_NO_EXPORT
++# define POPPLER_CPP_DEPRECATED
++# define POPPLER_CPP_DEPRECATED_EXPORT
++# define POPPLER_CPP_DEPRECATED_NO_EXPORT
++
++#endif /* POPPLER_CPP_EXPORT_H */
commit 7dd8b3c23cd96cdd584262cedf6899f5c09c7e78
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Mon Oct 31 00:20:55 2022 +0900
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:18:17 2023 +0100
upgrade Expat to 2.5.0
Fixes CVE-2022-43680
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/142205
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit 74eea44c685e108fab44c85ce81609091c7be1ec)
Change-Id: I5bf8d1ab0ac352833c76a7edfc1d8eb78dd03e10
diff --git a/download.lst b/download.lst
index 1840636c71d0..2680f11a5cc3 100644
--- a/download.lst
+++ b/download.lst
@@ -48,8 +48,8 @@ export EPUBGEN_TARBALL := libepubgen-0.1.1.tar.xz
export ETONYEK_SHA256SUM :=
b430435a6e8487888b761dc848b7981626eb814884963ffe25eb26a139301e9a
export ETONYEK_VERSION_MICRO := 10
export ETONYEK_TARBALL := libetonyek-0.1.$(ETONYEK_VERSION_MICRO).tar.xz
-export EXPAT_SHA256SUM :=
6e8c0728fe5c7cd3f93a6acce43046c5e4736c7b4b68e032e9350daa0efc0354
-export EXPAT_TARBALL := expat-2.4.9.tar.xz
+export EXPAT_SHA256SUM :=
ef2420f0232c087801abf705e89ae65f6257df6b7931d37846a193ef2e8cdcbe
+export EXPAT_TARBALL := expat-2.5.0.tar.xz
export FIREBIRD_SHA256SUM :=
6994be3555e23226630c587444be19d309b25b0fcf1f87df3b4e3f88943e5860
export FIREBIRD_TARBALL := Firebird-3.0.0.32483-0.tar.bz2
export FONTCONFIG_SHA256SUM :=
19e5b1bc9d013a52063a44e1307629711f0bfef35b9aca16f9c793971e2eb1e5
diff --git a/external/expat/expat-winapi.patch
b/external/expat/expat-winapi.patch
index 7eae7d5d6139..fed65644a732 100644
--- a/external/expat/expat-winapi.patch
+++ b/external/expat/expat-winapi.patch
@@ -1,6 +1,6 @@
---- misc/expat-2.1.0/lib/expat_external.h 2009-11-16 08:53:17.375000000
+0000
-+++ misc/build/expat-2.1.0/lib/expat_external.h 2009-11-16
08:53:34.703125000 +0000
-@@ -81,10 +81,6 @@
+--- misc/expat-2.5.0/lib/expat_external.h 2022-10-25 01:32:54.000000000
+0900
++++ misc/build/expat-2.5.0/lib/expat_external.h 2022-10-30
23:09:47.339459134 +0900
+@@ -88,10 +88,6 @@
# ifndef XML_BUILDING_EXPAT
/* using Expat from an application */
@@ -11,12 +11,13 @@
# endif
#endif /* not defined XML_STATIC */
---- misc/expat-2.1.0/lib/xmlparse.c 2021-05-23 16:56:25.000000000 +0100
-+++ misc/build/expat-2.1.0/lib/xmlparse.c 2021-05-25 12:42:11.997173600
+0100
-@@ -64,6 +64,8 @@
+--- misc/expat-2.5.0/lib/xmlparse.c 2022-10-26 00:09:08.000000000 +0900
++++ misc/build/expat-2.5.0/lib/xmlparse.c 2022-10-30 23:09:01.843006341
+0900
+@@ -67,6 +67,9 @@
#endif
#ifdef _WIN32
++# undef HAVE_ARC4RANDOM_BUF
+# undef HAVE_GETRANDOM
+# undef HAVE_SYSCALL_GETRANDOM
/* force stdlib to define rand_s() */
commit a8a6f8d3a146be2a495ad6989ff412498c3a11f2
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Wed Sep 21 16:43:27 2022 +0900
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:18:17 2023 +0100
update expat to 2.4.9
Fixes CVE-2022-40674
(https://github.com/libexpat/libexpat/blob/R_2_4_9/expat/Changes)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/140173
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 1bff2caff1bbb39fe431c455aeab1f0234200d8d)
Change-Id: I459cf5f5de31e7cf5420d3df6b11893d5c4ca4dd
diff --git a/download.lst b/download.lst
index cea4415b9d61..1840636c71d0 100644
--- a/download.lst
+++ b/download.lst
@@ -48,8 +48,8 @@ export EPUBGEN_TARBALL := libepubgen-0.1.1.tar.xz
export ETONYEK_SHA256SUM :=
b430435a6e8487888b761dc848b7981626eb814884963ffe25eb26a139301e9a
export ETONYEK_VERSION_MICRO := 10
export ETONYEK_TARBALL := libetonyek-0.1.$(ETONYEK_VERSION_MICRO).tar.xz
-export EXPAT_SHA256SUM :=
de55794b7a9bc214852fdc075beaaecd854efe1361597e6268ee87946951289b
-export EXPAT_TARBALL := expat-2.4.6.tar.xz
+export EXPAT_SHA256SUM :=
6e8c0728fe5c7cd3f93a6acce43046c5e4736c7b4b68e032e9350daa0efc0354
+export EXPAT_TARBALL := expat-2.4.9.tar.xz
export FIREBIRD_SHA256SUM :=
6994be3555e23226630c587444be19d309b25b0fcf1f87df3b4e3f88943e5860
export FIREBIRD_TARBALL := Firebird-3.0.0.32483-0.tar.bz2
export FONTCONFIG_SHA256SUM :=
19e5b1bc9d013a52063a44e1307629711f0bfef35b9aca16f9c793971e2eb1e5
commit 3bed669f4eab7ebce44dfef77e164aca2c33c303
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Tue Mar 21 10:46:46 2023 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:15:32 2023 +0100
curl: upgrade to release 8.0.1
Apparently 8.0.0 had a serious regression.
Change-Id: Icc761f5e5e01b5d9bebecc13f7cba608f5834f54
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/149212
Tested-by: Andras Timar <andras.ti...@collabora.com>
Reviewed-by: Andras Timar <andras.ti...@collabora.com>
diff --git a/download.lst b/download.lst
index 580ed41bbd46..cea4415b9d61 100644
--- a/download.lst
+++ b/download.lst
@@ -32,8 +32,8 @@ export CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-
# three static lines
# so that git cherry-pick
# will not run into conflicts
-export CURL_SHA256SUM :=
759690f9a375a720f8bcce9f953897b0d93f31eed9649b74f846d54bbf63bbcc
-export CURL_TARBALL := curl-8.0.0.tar.xz
+export CURL_SHA256SUM :=
0a381cd82f4d00a9a334438b8ca239afea5bfefcfa9a1025f2bf118e79e0b5f0
+export CURL_TARBALL := curl-8.0.1.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
commit 87eced4412e5ad9c68c053690bea73fbfcf31164
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Mon Mar 20 11:52:22 2023 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:15:10 2023 +0100
curl: upgrade to release 8.0.0
Fixes CVE-2023-27535.
Also hopefully fixes excessive storage consumption during build:
o build: drop the use of XC_AMEND_DISTCLEAN [62]
Change-Id: I8792e95bc7634ee496488e80fec5a1310b24a31c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/149153
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/149211
Tested-by: Andras Timar <andras.ti...@collabora.com>
Reviewed-by: Andras Timar <andras.ti...@collabora.com>
diff --git a/download.lst b/download.lst
index 83ca2d40a9c4..580ed41bbd46 100644
--- a/download.lst
+++ b/download.lst
@@ -32,8 +32,8 @@ export CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-
# three static lines
# so that git cherry-pick
# will not run into conflicts
-export CURL_SHA256SUM :=
1dae31b2a7c1fe269de99c0c31bb488346aab3459b5ffca909d6938249ae415f
-export CURL_TARBALL := curl-7.88.1.tar.xz
+export CURL_SHA256SUM :=
759690f9a375a720f8bcce9f953897b0d93f31eed9649b74f846d54bbf63bbcc
+export CURL_TARBALL := curl-8.0.0.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
commit d8a0a838b04a7ebd0c8a3b8ce5ed691b6c7ef49f
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Thu Feb 23 15:31:02 2023 +0900
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:11:29 2023 +0100
curl: upgrade to release 7.88.1
Fixes CVE-2023-23916, 2 CVEs that probably don't affect LO.
Reference: https://curl.se/docs/security.html
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147977
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 6074d16b8c631e679a67364837d4ca9799731152)
Change-Id: If9b3fc7c5ce66bfe1027caff39ea2c1cf55df7ad
diff --git a/download.lst b/download.lst
index b21ca143f7f9..83ca2d40a9c4 100644
--- a/download.lst
+++ b/download.lst
@@ -32,8 +32,8 @@ export CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-
# three static lines
# so that git cherry-pick
# will not run into conflicts
-export URL_SHA256SUM :=
ee5f1a1955b0ed413435ef79db28b834ea5f0fb7c8cfb1ce47175cc3bee08fff
-export CURL_TARBALL := curl-7.87.0.tar.xz
+export CURL_SHA256SUM :=
1dae31b2a7c1fe269de99c0c31bb488346aab3459b5ffca909d6938249ae415f
+export CURL_TARBALL := curl-7.88.1.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
diff --git a/external/curl/curl-7.26.0_win-proxy.patch
b/external/curl/curl-7.26.0_win-proxy.patch
index 909ca38315a6..62016a70e8a0 100644
--- a/external/curl/curl-7.26.0_win-proxy.patch
+++ b/external/curl/curl-7.26.0_win-proxy.patch
@@ -44,7 +44,7 @@
/****************************************************************
* Detect what (if any) proxy to use. Remember that this selects a host
* name and is not limited to HTTP proxies only.
-@@ -4613,6 +4633,66 @@
+@@ -4613,6 +4633,67 @@
* For compatibility, the all-uppercase versions of these variables are
* checked if the lowercase versions don't exist.
*/
@@ -58,6 +58,7 @@
+ char *ieProxy;
+ char *ieNoProxy;
+ char *pos;
++ bool spacesp;
+
+ ieProxy = wstrToCstr(ieProxyConfig->lpszProxy);
+ ieNoProxy = wstrToCstr(ieProxyConfig->lpszProxyBypass);
@@ -72,7 +73,7 @@
+ }
+ }
+
-+ if(!Curl_check_noproxy(conn->host.name, no_proxy)) {
++ if(!Curl_check_noproxy(conn->host.name, no_proxy, &spacesp)) {
+ /* Look for the http proxy setting */
+ char *tok;
+ char *saveptr;
diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1
index 2128849369e7..2e8766b3d45f 100644
--- a/external/curl/curl-nss.patch.1
+++ b/external/curl/curl-nss.patch.1
@@ -1,7 +1,7 @@
diff -ur curl.org/configure curl/configure
---- curl.org/configure 2016-03-13 15:14:07.177000076 +0100
-+++ curl/configure 2016-03-13 15:16:44.132000076 +0100
-@@ -28230,7 +28230,12 @@
+--- curl.orig/configure 2023-02-20 16:11:55.000000000 +0900
++++ curl/configure 2023-02-23 15:40:58.617432471 +0900
+@@ -28675,7 +28675,12 @@
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired
libraries and compilation flags for NSS." >&5
printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation
flags for NSS." >&2;}
addld="-L$OPT_NSS/lib"
commit e71271b4bc90111c494707570a95ffcbd9585192
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Fri Dec 30 21:29:58 2022 +0900
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:10:54 2023 +0100
curl: upgrade to release 7.87.0
Fixes CVE-2022-43551 and CVE-2022-43552.
https://curl.se/docs/CVE-2022-43551.html
https://curl.se/docs/CVE-2022-43552.html
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145116
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit 181806115a694ade32c7bba1abd9aa931b1a93b9)
Change-Id: I979ed11c212aef226ad9f26420462e5f9dbe15e5
diff --git a/download.lst b/download.lst
index c30bdc9b6aef..b21ca143f7f9 100644
--- a/download.lst
+++ b/download.lst
@@ -29,8 +29,14 @@ export CPPUNIT_SHA256SUM :=
3d569869d27b48860210c758c4f313082103a5e58219a7669b52
export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz
export CT2N_SHA256SUM :=
71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3
export CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
-export CURL_SHA256SUM :=
2d61116e5f485581f6d59865377df4463f2e788677ac43222b496d4e49fb627b
-export CURL_TARBALL := curl-7.86.0.tar.xz
+# three static lines
+# so that git cherry-pick
+# will not run into conflicts
+export URL_SHA256SUM :=
ee5f1a1955b0ed413435ef79db28b834ea5f0fb7c8cfb1ce47175cc3bee08fff
+export CURL_TARBALL := curl-7.87.0.tar.xz
+# three static lines
+# so that git cherry-pick
+# will not run into conflicts
export EBOOK_SHA256SUM :=
7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9
export EBOOK_TARBALL := libe-book-0.1.3.tar.xz
export EPOXY_SHA256SUM :=
002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d
diff --git a/external/curl/curl-7.26.0_win-proxy.patch
b/external/curl/curl-7.26.0_win-proxy.patch
index 6fb20533e097..909ca38315a6 100644
--- a/external/curl/curl-7.26.0_win-proxy.patch
+++ b/external/curl/curl-7.26.0_win-proxy.patch
@@ -12,8 +12,8 @@
--- curl-7.26.0/lib/url.c
+++ misc/build/curl-7.26.0/lib/url.c
@@ -78,6 +78,10 @@
- bool Curl_win32_idn_to_ascii(const char *in, char **out);
- #endif /* USE_LIBIDN2 */
+
+ #include <limits.h>
+#ifdef _WIN32
+#include <WinHttp.h>
diff --git a/external/curl/curl-msvc-disable-protocols.patch.1
b/external/curl/curl-msvc-disable-protocols.patch.1
index 89c4ff576f85..71ff0c01a028 100644
--- a/external/curl/curl-msvc-disable-protocols.patch.1
+++ b/external/curl/curl-msvc-disable-protocols.patch.1
@@ -2,7 +2,7 @@ disable protocols nobody needs in MSVC build
--- curl/lib/config-win32.h.orig 2017-08-09 16:43:29.464000000 +0200
+++ curl/lib/config-win32.h 2017-08-09 16:47:38.549200000 +0200
-@@ -616,4 +616,20 @@
+@@ -654,4 +654,20 @@
# define ENABLE_IPV6 1
#endif
diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1
index 5ef25748d7eb..2128849369e7 100644
--- a/external/curl/curl-nss.patch.1
+++ b/external/curl/curl-nss.patch.1
@@ -1,7 +1,7 @@
diff -ur curl.org/configure curl/configure
--- curl.org/configure 2016-03-13 15:14:07.177000076 +0100
+++ curl/configure 2016-03-13 15:16:44.132000076 +0100
-@@ -27985,7 +27985,12 @@
+@@ -28230,7 +28230,12 @@
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired
libraries and compilation flags for NSS." >&5
printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation
flags for NSS." >&2;}
addld="-L$OPT_NSS/lib"
diff --git a/external/curl/zlib.patch.0 b/external/curl/zlib.patch.0
index b8e242a3aaea..b4442ba262d1 100644
--- a/external/curl/zlib.patch.0
+++ b/external/curl/zlib.patch.0
@@ -1,6 +1,6 @@
--- configure
+++ configure
-@@ -22808,7 +22808,6 @@
+@@ -23035,7 +23035,6 @@
clean_CPPFLAGS=$CPPFLAGS
clean_LDFLAGS=$LDFLAGS
clean_LIBS=$LIBS
@@ -8,7 +8,7 @@
# Check whether --with-zlib was given.
if test ${with_zlib+y}
-@@ -22818,6 +22818,7 @@
+@@ -23045,6 +23044,7 @@
if test "$OPT_ZLIB" = "no" ; then
@@ -16,7 +16,7 @@
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: zlib disabled" >&5
printf "%s\n" "$as_me: WARNING: zlib disabled" >&2;}
else
-@@ -22825,6 +825,21 @@
+@@ -23052,6 +23052,21 @@
OPT_ZLIB=""
fi
@@ -38,7 +38,7 @@
if test -z "$OPT_ZLIB" ; then
if test -n "$PKG_CONFIG"; then
-@@ -23120,6 +23120,7 @@
+@@ -23344,6 +23359,7 @@
printf "%s\n" "$as_me: found both libz and libz.h header" >&6;}
curl_zlib_msg="enabled"
fi
@@ -48,7 +48,7 @@
if test x"$AMFIXLIB" = x1; then
--- configure.ac
+++ configure.ac
-@@ -1222,19 +1222,30 @@
+@@ -1243,19 +1243,30 @@
clean_CPPFLAGS=$CPPFLAGS
clean_LDFLAGS=$LDFLAGS
clean_LIBS=$LIBS
@@ -80,7 +80,7 @@
if test -z "$OPT_ZLIB" ; then
CURL_CHECK_PKGCONFIG(zlib)
-@@ -1316,6 +1316,7 @@
+@@ -1336,6 +1347,7 @@
AC_MSG_NOTICE([found both libz and libz.h header])
curl_zlib_msg="enabled"
fi
commit 22546545e76cc99eb684eb583b4238b61e9f23dc
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Oct 26 11:07:49 2022 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:10:05 2023 +0100
curl: upgrade to release 7.86.0
Fixes CVE-2022-32221 which could affect libcmis, CVE-2022-42915,
and 2 more CVEs that probably don't affect LO.
* remove --without-ssl:
On the one hand, on GNU/Linux this now results in:
configure: error: --without-ssl has been set together with an explicit
option to use an ssl library
On the other hand, using the more obvious --without-openssl yields a link
failure on Android on the nss check in configure:
configure:28220: checking for SSL_VersionRangeSet in -lnss
/home/cl/Android/Sdk/ndk/20.1.5948944/toolchains/llvm/prebuilt/linux-x86_64/bin/../lib/gcc/aarch64-linux-android/4.9.x/../../../../aarch64-linux-android/bin/ld:
warning: liblog.so, needed by
/home/cl/rpmbuild/BUILD/lo-android2/workdir/UnpackedTarball/nss/dist/out/lib/libnss3.so,
not found (try using -rpath or -rpath-link)
/home/cl/rpmbuild/BUILD/lo-android2/workdir/UnpackedTarball/nss/dist/out/lib/libnspr4.so:
undefined reference to `__android_log_write'
/home/cl/rpmbuild/BUILD/lo-android2/workdir/UnpackedTarball/nss/dist/out/lib/libnspr4.so:
undefined reference to `__android_log_assert'
... so add the -llog for android in curl-nss.patch.1
Change-Id: I3931a1eec2d681c2ce0e5695039492772e9fcc81
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/141866
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit a76a88203d8508f38b10d9bbb94c3bba2485fcaf)
diff --git a/download.lst b/download.lst
index e19aa0415530..c30bdc9b6aef 100644
--- a/download.lst
+++ b/download.lst
@@ -29,8 +29,8 @@ export CPPUNIT_SHA256SUM :=
3d569869d27b48860210c758c4f313082103a5e58219a7669b52
export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz
export CT2N_SHA256SUM :=
71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3
export CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
-export CURL_SHA256SUM :=
88b54a6d4b9a48cb4d873c7056dcba997ddd5b7be5a2d537a4acb55c20b04be6
-export CURL_TARBALL := curl-7.85.0.tar.xz
+export CURL_SHA256SUM :=
2d61116e5f485581f6d59865377df4463f2e788677ac43222b496d4e49fb627b
+export CURL_TARBALL := curl-7.86.0.tar.xz
export EBOOK_SHA256SUM :=
7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9
export EBOOK_TARBALL := libe-book-0.1.3.tar.xz
export EPOXY_SHA256SUM :=
002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d
diff --git a/external/curl/ExternalProject_curl.mk
b/external/curl/ExternalProject_curl.mk
index b4ab0b88e55d..43bb1cad0b93 100644
--- a/external/curl/ExternalProject_curl.mk
+++ b/external/curl/ExternalProject_curl.mk
@@ -43,7 +43,7 @@ $(call gb_ExternalProject_get_state_target,curl,build):
$(if $(filter iOS MACOSX,$(OS)),\
--with-secure-transport,\
$(if $(ENABLE_NSS),--with-nss$(if
$(SYSTEM_NSS),,="$(call gb_UnpackedTarball_get_dir,nss)/dist/out")
--with-nss-deprecated,--without-nss)) \
- --without-ssl --without-gnutls --without-polarssl
--without-cyassl --without-axtls --without-mbedtls \
+ --without-openssl --without-gnutls --without-polarssl
--without-cyassl --without-axtls --without-mbedtls \
--enable-ftp --enable-http --enable-ipv6 \
--without-libidn2 --without-libpsl --without-librtmp \
--without-libssh2 --without-metalink --without-nghttp2 \
diff --git a/external/curl/curl-7.26.0_win-proxy.patch
b/external/curl/curl-7.26.0_win-proxy.patch
index 1c5469a35479..6fb20533e097 100644
--- a/external/curl/curl-7.26.0_win-proxy.patch
+++ b/external/curl/curl-7.26.0_win-proxy.patch
@@ -12,18 +12,18 @@
--- curl-7.26.0/lib/url.c
+++ misc/build/curl-7.26.0/lib/url.c
@@ -78,6 +78,10 @@
- bool curl_win32_idn_to_ascii(const char *in, char **out);
+ bool Curl_win32_idn_to_ascii(const char *in, char **out);
#endif /* USE_LIBIDN2 */
+#ifdef _WIN32
+#include <WinHttp.h>
+#endif
+
+ #include "doh.h"
#include "urldata.h"
#include "netrc.h"
-
@@ -4586,6 +4590,21 @@
- }
+ #ifndef CURL_DISABLE_PROXY
#ifndef CURL_DISABLE_HTTP
+#ifdef _WIN32
@@ -72,7 +72,7 @@
+ }
+ }
+
-+ if(!check_noproxy(conn->host.name, no_proxy)) {
++ if(!Curl_check_noproxy(conn->host.name, no_proxy)) {
+ /* Look for the http proxy setting */
+ char *tok;
+ char *saveptr;
diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1
index 016cd109c7a2..5ef25748d7eb 100644
--- a/external/curl/curl-nss.patch.1
+++ b/external/curl/curl-nss.patch.1
@@ -1,12 +1,17 @@
diff -ur curl.org/configure curl/configure
--- curl.org/configure 2016-03-13 15:14:07.177000076 +0100
+++ curl/configure 2016-03-13 15:16:44.132000076 +0100
-@@ -27985,7 +27985,7 @@
+@@ -27985,7 +27985,12 @@
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired
libraries and compilation flags for NSS." >&5
printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation
flags for NSS." >&2;}
addld="-L$OPT_NSS/lib"
- addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4"
+ addlib="-lssl3 -lsmime3 -lnss3 -lplds4 -lplc4 -lnspr4 -lnssutil3"
++ case $host_os in
++ *android*)
++ addlib="${addlib} -llog"
++ ;;
++ esac
addcflags="-I$OPT_NSS/include"
version="unknown"
nssprefix=$OPT_NSS
commit 8f77057f208844c039460b16d1f9d8653720520b
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Thu Sep 22 20:25:53 2022 +0900
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:10:05 2023 +0100
curl: upgrade to release 7.85.0
Fixes CVE-2022-35252
Change-Id: I549240f6ae31ae94f925422517cd03ef2e3b5732
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/140411
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit 31a8de10e8f60d79d6eb588a049567b89a48f0b1)
diff --git a/download.lst b/download.lst
index f44e4ed77a07..e19aa0415530 100644
--- a/download.lst
+++ b/download.lst
@@ -29,8 +29,8 @@ export CPPUNIT_SHA256SUM :=
3d569869d27b48860210c758c4f313082103a5e58219a7669b52
export CPPUNIT_TARBALL := cppunit-1.14.0.tar.gz
export CT2N_SHA256SUM :=
71b238efd2734be9800af07566daea8d6685aeed28db5eb5fa0e6453f4d85de3
export CT2N_TARBALL :=
1f467e5bb703f12cbbb09d5cf67ecf4a-converttexttonumber-1-5-0.oxt
-export CURL_SHA256SUM :=
2cb9c2356e7263a1272fd1435ef7cdebf2cd21400ec287b068396deb705c22c4
-export CURL_TARBALL := curl-7.83.1.tar.xz
+export CURL_SHA256SUM :=
88b54a6d4b9a48cb4d873c7056dcba997ddd5b7be5a2d537a4acb55c20b04be6
+export CURL_TARBALL := curl-7.85.0.tar.xz
export EBOOK_SHA256SUM :=
7e8d8ff34f27831aca3bc6f9cc532c2f90d2057c778963b884ff3d1e34dfe1f9
export EBOOK_TARBALL := libe-book-0.1.3.tar.xz
export EPOXY_SHA256SUM :=
002958c5528321edd53440235d3c44e71b5b1e09b9177e8daf677450b6c4433d
diff --git a/external/curl/clang-cl.patch.0 b/external/curl/clang-cl.patch.0
index 2fbb10c2a9aa..5dfb19d5ba59 100644
--- a/external/curl/clang-cl.patch.0
+++ b/external/curl/clang-cl.patch.0
@@ -1,6 +1,6 @@
--- winbuild/MakefileBuild.vc
+++ winbuild/MakefileBuild.vc
-@@ -60,7 +60,7 @@
+@@ -52,7 +52,7 @@
!ELSE
CC_NODEBUG = $(CC) /O2 /DNDEBUG
CC_DEBUG = $(CC) /Od /D_DEBUG /RTC1 /Z7 /LDd
diff --git a/external/curl/curl-msvc-disable-protocols.patch.1
b/external/curl/curl-msvc-disable-protocols.patch.1
index a6d06c69b004..89c4ff576f85 100644
--- a/external/curl/curl-msvc-disable-protocols.patch.1
+++ b/external/curl/curl-msvc-disable-protocols.patch.1
@@ -2,7 +2,7 @@ disable protocols nobody needs in MSVC build
--- curl/lib/config-win32.h.orig 2017-08-09 16:43:29.464000000 +0200
+++ curl/lib/config-win32.h 2017-08-09 16:47:38.549200000 +0200
-@@ -733,4 +733,20 @@
+@@ -616,4 +616,20 @@
# define ENABLE_IPV6 1
#endif
@@ -25,7 +25,7 @@ disable protocols nobody needs in MSVC build
#endif /* HEADER_CURL_CONFIG_WIN32_H */
--- curl/winbuild/MakefileBuild.vc.orig 2017-10-23 23:41:21.393200000
+0200
+++ curl/winbuild/MakefileBuild.vc 2017-10-23 23:34:16.028000000 +0200
-@@ -431,7 +431,7 @@
+@@ -562,7 +562,7 @@
EXE_OBJS = $(CURL_OBJS) $(CURL_DIROBJ)\curl.res
diff --git a/external/curl/curl-msvc-zlib.patch.1
b/external/curl/curl-msvc-zlib.patch.1
index 654303c21874..a9ee0013d50b 100644
--- a/external/curl/curl-msvc-zlib.patch.1
+++ b/external/curl/curl-msvc-zlib.patch.1
@@ -2,7 +2,7 @@ find internal zlib in nmake buildsystem
--- curl/winbuild/MakefileBuild.vc.orig2 2021-10-27 20:44:48.685237000
+0200
+++ curl/winbuild/MakefileBuild.vc 2021-10-27 20:47:23.792407400 +0200
-@@ -222,8 +222,9 @@
+@@ -244,8 +244,9 @@
ZLIB_LIB_DIR = $(ZLIB_PATH)\lib
ZLIB_LFLAGS = $(ZLIB_LFLAGS) "/LIBPATH:$(ZLIB_LIB_DIR)"
!ELSE
diff --git a/external/curl/curl-msvc.patch.1 b/external/curl/curl-msvc.patch.1
index a5b79a8e9c49..54ad026ec8c7 100644
--- a/external/curl/curl-msvc.patch.1
+++ b/external/curl/curl-msvc.patch.1
@@ -2,7 +2,7 @@ MSVC: using SOLARINC
--- curl/winbuild/MakefileBuild.vc.orig 2017-10-23 16:36:07.713550851
+0200
+++ curl/winbuild/MakefileBuild.vc 2017-10-23 16:38:19.301547594 +0200
-@@ -60,7 +60,7 @@
+@@ -52,7 +52,7 @@
!ELSE
CC_NODEBUG = $(CC) /O2 /DNDEBUG
CC_DEBUG = $(CC) /Od /D_DEBUG /RTC1 /Z7 /LDd
@@ -11,7 +11,7 @@ MSVC: using SOLARINC
!ENDIF
LFLAGS = /nologo /machine:$(MACHINE)
-@@ -300,11 +300,11 @@
+@@ -426,11 +426,11 @@
# CURL_XX macros are for the curl.exe command
!IF "$(DEBUG)"=="yes"
diff --git a/external/curl/curl-nss.patch.1 b/external/curl/curl-nss.patch.1
index d4dad7eba77e..016cd109c7a2 100644
--- a/external/curl/curl-nss.patch.1
+++ b/external/curl/curl-nss.patch.1
@@ -1,7 +1,7 @@
diff -ur curl.org/configure curl/configure
--- curl.org/configure 2016-03-13 15:14:07.177000076 +0100
+++ curl/configure 2016-03-13 15:16:44.132000076 +0100
-@@ -28216,7 +28216,7 @@
+@@ -27985,7 +27985,7 @@
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: Using hard-wired
libraries and compilation flags for NSS." >&5
printf "%s\n" "$as_me: WARNING: Using hard-wired libraries and compilation
flags for NSS." >&2;}
addld="-L$OPT_NSS/lib"
diff --git a/external/curl/zlib.patch.0 b/external/curl/zlib.patch.0
index e0f579f8675a..b8e242a3aaea 100644
--- a/external/curl/zlib.patch.0
+++ b/external/curl/zlib.patch.0
@@ -1,6 +1,6 @@
--- configure
+++ configure
-@@ -22699,7 +22699,6 @@
+@@ -22808,7 +22808,6 @@
clean_CPPFLAGS=$CPPFLAGS
clean_LDFLAGS=$LDFLAGS
clean_LIBS=$LIBS
@@ -8,7 +8,7 @@
# Check whether --with-zlib was given.
if test ${with_zlib+y}
-@@ -22709,6 +22708,7 @@
+@@ -22818,6 +22818,7 @@
if test "$OPT_ZLIB" = "no" ; then
@@ -16,7 +16,7 @@
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: zlib disabled" >&5
printf "%s\n" "$as_me: WARNING: zlib disabled" >&2;}
else
-@@ -22716,6 +22716,21 @@
+@@ -22825,6 +825,21 @@
OPT_ZLIB=""
fi
@@ -38,7 +38,7 @@
if test -z "$OPT_ZLIB" ; then
if test -n "$PKG_CONFIG"; then
-@@ -23011,6 +23026,7 @@
+@@ -23120,6 +23120,7 @@
printf "%s\n" "$as_me: found both libz and libz.h header" >&6;}
curl_zlib_msg="enabled"
fi
@@ -48,7 +48,7 @@
if test x"$AMFIXLIB" = x1; then
--- configure.ac
+++ configure.ac
-@@ -880,19 +880,30 @@
+@@ -1222,19 +1222,30 @@
clean_CPPFLAGS=$CPPFLAGS
clean_LDFLAGS=$LDFLAGS
clean_LIBS=$LIBS
@@ -80,7 +80,7 @@
if test -z "$OPT_ZLIB" ; then
CURL_CHECK_PKGCONFIG(zlib)
-@@ -975,6 +986,7 @@
+@@ -1316,6 +1316,7 @@
AC_MSG_NOTICE([found both libz and libz.h header])
curl_zlib_msg="enabled"
fi
commit 0bce2ee14be1599370b4df3782221ac5477cc9c1
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Mon Oct 24 18:00:18 2022 +0900
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:08:30 2023 +0100
zlib: upgrade to release 1.2.13
Fixes CVE-2022-37434
Removed two patches as fixed upstream.
Change-Id: I10465b7eafc4952cf8dc64e6d7a77f5e5255a386
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/141757
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit b2d6ad64473527f88dfb7088376ccf1242d97666)
diff --git a/download.lst b/download.lst
index 055b7ed66e22..f44e4ed77a07 100644
--- a/download.lst
+++ b/download.lst
@@ -275,8 +275,8 @@ export WPS_VERSION_MICRO := 10
export WPS_TARBALL := libwps-0.4.$(WPS_VERSION_MICRO).tar.xz
export XSLTML_SHA256SUM :=
75823776fb51a9c526af904f1503a7afaaab900fba83eda64f8a41073724c870
export XSLTML_TARBALL := a7983f859eafb2677d7ff386a023bc40-xsltml_2.1.2.zip
-export ZLIB_SHA256SUM :=
7db46b8d7726232a621befaab4a1c870f00a90805511c0e0090441dac57def18
-export ZLIB_TARBALL := zlib-1.2.12.tar.xz
+export ZLIB_SHA256SUM :=
d14c38e313afc35a9a8760dadf26042f51ea0f5d154b0630a31da0540107fb98
+export ZLIB_TARBALL := zlib-1.2.13.tar.xz
export ZMF_SHA256SUM :=
27051a30cb057fdb5d5de65a1f165c7153dc76e27fe62251cbb86639eb2caf22
export ZMF_TARBALL := libzmf-0.0.2.tar.xz
diff --git a/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch
b/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch
deleted file mode 100644
index c5c95a92b28a..000000000000
--- a/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d Mon Sep 17 00:00:00 2001
-From: Mark Adler <f...@madler.net>
-Date: Mon, 8 Aug 2022 10:50:09 -0700
-Subject: [PATCH] Fix extra field processing bug that dereferences NULL
- state->head.
-
-The recent commit to fix a gzip header extra field processing bug
-introduced the new bug fixed here.
----
- inflate.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/inflate.c b/inflate.c
-index 7a7289749..2a3c4fe98 100644
---- a/inflate.c
-+++ b/inflate.c
-@@ -763,10 +763,10 @@ int flush;
- copy = state->length;
- if (copy > have) copy = have;
- if (copy) {
-- len = state->head->extra_len - state->length;
- if (state->head != Z_NULL &&
- state->head->extra != Z_NULL &&
-- len < state->head->extra_max) {
-+ (len = state->head->extra_len - state->length) <
-+ state->head->extra_max) {
- zmemcpy(state->head->extra + len, next,
- len + copy > state->head->extra_max ?
- state->head->extra_max - len : copy);
diff --git a/external/zlib/UnpackedTarball_zlib.mk
b/external/zlib/UnpackedTarball_zlib.mk
index 10ee74b9568a..dd9fc1c31445 100644
--- a/external/zlib/UnpackedTarball_zlib.mk
+++ b/external/zlib/UnpackedTarball_zlib.mk
@@ -16,11 +16,6 @@ $(eval $(call gb_UnpackedTarball_set_post_action,zlib,\
cp $(addsuffix .c,adler32 compress crc32 deflate inffast inflate
inftrees trees zutil) x64 \
))
-$(eval $(call gb_UnpackedTarball_set_patchlevel,zlib,1))
-
-$(eval $(call gb_UnpackedTarball_add_patches,zlib,\
- external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch \
- external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch \
-))
+$(eval $(call gb_UnpackedTarball_set_patchlevel,zlib,0))
# vim: set noet sw=4 ts=4:
diff --git a/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch
b/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch
deleted file mode 100644
index dc84d3a1d385..000000000000
--- a/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From eff308af425b67093bab25f80f1ae950166bece1 Mon Sep 17 00:00:00 2001
-From: Mark Adler <f...@madler.net>
-Date: Sat, 30 Jul 2022 15:51:11 -0700
-Subject: [PATCH] Fix a bug when getting a gzip header extra field with
- inflate().
-
-If the extra field was larger than the space the user provided with
-inflateGetHeader(), and if multiple calls of inflate() delivered
-the extra header data, then there could be a buffer overflow of the
-provided space. This commit assures that provided space is not
-exceeded.
----
- inflate.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/inflate.c b/inflate.c
-index 7be8c6366..7a7289749 100644
---- a/inflate.c
-+++ b/inflate.c
-@@ -763,9 +763,10 @@ int flush;
- copy = state->length;
- if (copy > have) copy = have;
- if (copy) {
-+ len = state->head->extra_len - state->length;
- if (state->head != Z_NULL &&
-- state->head->extra != Z_NULL) {
-- len = state->head->extra_len - state->length;
-+ state->head->extra != Z_NULL &&
-+ len < state->head->extra_max) {
- zmemcpy(state->head->extra + len, next,
- len + copy > state->head->extra_max ?
- state->head->extra_max - len : copy);
commit a626fa658685f2653289dd1ef88b24c1719ae50d
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Sep 14 11:10:57 2022 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:08:30 2023 +0100
zlib: add patch for CVE-2022-37434
Change-Id: If09c419ba00fc9be021249e4d4da27d1650b9080
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139913
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 521e920dda79f44a0ad637b6062f3dcb574f884b)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/139849
Reviewed-by: Thorsten Behrens <thorsten.behr...@allotropia.de>
(cherry picked from commit 832e2a266005d8ef5f9bcc7f51b545d5dc4ce165)
diff --git a/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch
b/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch
new file mode 100644
index 000000000000..c5c95a92b28a
--- /dev/null
+++ b/external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch
@@ -0,0 +1,29 @@
+From 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d Mon Sep 17 00:00:00 2001
+From: Mark Adler <f...@madler.net>
+Date: Mon, 8 Aug 2022 10:50:09 -0700
+Subject: [PATCH] Fix extra field processing bug that dereferences NULL
+ state->head.
+
+The recent commit to fix a gzip header extra field processing bug
+introduced the new bug fixed here.
+---
+ inflate.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/inflate.c b/inflate.c
+index 7a7289749..2a3c4fe98 100644
+--- a/inflate.c
++++ b/inflate.c
+@@ -763,10 +763,10 @@ int flush;
+ copy = state->length;
+ if (copy > have) copy = have;
+ if (copy) {
+- len = state->head->extra_len - state->length;
+ if (state->head != Z_NULL &&
+ state->head->extra != Z_NULL &&
+- len < state->head->extra_max) {
++ (len = state->head->extra_len - state->length) <
++ state->head->extra_max) {
+ zmemcpy(state->head->extra + len, next,
+ len + copy > state->head->extra_max ?
+ state->head->extra_max - len : copy);
diff --git a/external/zlib/UnpackedTarball_zlib.mk
b/external/zlib/UnpackedTarball_zlib.mk
index dd9fc1c31445..10ee74b9568a 100644
--- a/external/zlib/UnpackedTarball_zlib.mk
+++ b/external/zlib/UnpackedTarball_zlib.mk
@@ -16,6 +16,11 @@ $(eval $(call gb_UnpackedTarball_set_post_action,zlib,\
cp $(addsuffix .c,adler32 compress crc32 deflate inffast inflate
inftrees trees zutil) x64 \
))
-$(eval $(call gb_UnpackedTarball_set_patchlevel,zlib,0))
+$(eval $(call gb_UnpackedTarball_set_patchlevel,zlib,1))
+
+$(eval $(call gb_UnpackedTarball_add_patches,zlib,\
+ external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch \
+ external/zlib/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d.patch \
+))
# vim: set noet sw=4 ts=4:
diff --git a/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch
b/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch
new file mode 100644
index 000000000000..dc84d3a1d385
--- /dev/null
+++ b/external/zlib/eff308af425b67093bab25f80f1ae950166bece1.patch
@@ -0,0 +1,32 @@
+From eff308af425b67093bab25f80f1ae950166bece1 Mon Sep 17 00:00:00 2001
+From: Mark Adler <f...@madler.net>
+Date: Sat, 30 Jul 2022 15:51:11 -0700
+Subject: [PATCH] Fix a bug when getting a gzip header extra field with
+ inflate().
+
+If the extra field was larger than the space the user provided with
+inflateGetHeader(), and if multiple calls of inflate() delivered
+the extra header data, then there could be a buffer overflow of the
+provided space. This commit assures that provided space is not
+exceeded.
+---
+ inflate.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/inflate.c b/inflate.c
+index 7be8c6366..7a7289749 100644
+--- a/inflate.c
++++ b/inflate.c
+@@ -763,9 +763,10 @@ int flush;
+ copy = state->length;
+ if (copy > have) copy = have;
+ if (copy) {
++ len = state->head->extra_len - state->length;
+ if (state->head != Z_NULL &&
+- state->head->extra != Z_NULL) {
+- len = state->head->extra_len - state->length;
++ state->head->extra != Z_NULL &&
++ len < state->head->extra_max) {
+ zmemcpy(state->head->extra + len, next,
+ len + copy > state->head->extra_max ?
+ state->head->extra_max - len : copy);
commit a68a08a64e37144619436edd1809367f08554ddb
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Oct 27 21:07:48 2021 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:08:30 2023 +0100
curl: build with zlib on WNT
Change-Id: I53eb6ed41fb8a17a79f72807df15822e9c1c6e88
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/124290
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 4b7f8f7cf3146317ae2770a766efe48f7a295f72)
diff --git a/RepositoryExternal.mk b/RepositoryExternal.mk
index 468671921f8a..3d5989944204 100644
--- a/RepositoryExternal.mk
+++ b/RepositoryExternal.mk
@@ -2746,7 +2746,7 @@ $(call gb_LinkTarget_set_include,$(1),\
ifeq ($(COM),MSC)
$(call gb_LinkTarget_add_libs,$(1),\
- $(call gb_UnpackedTarball_get_dir,curl)/builds/libcurl-vc12-$(if
$(filter X86_64,$(CPUNAME)),x64,x86)-$(if
$(MSVC_USE_DEBUG_RUNTIME),debug,release)-dll-ipv6-sspi-schannel/lib/libcurl$(if
$(MSVC_USE_DEBUG_RUNTIME),_debug).lib \
+ $(call gb_UnpackedTarball_get_dir,curl)/builds/libcurl-vc12-$(if
$(filter X86_64,$(CPUNAME)),x64,x86)-$(if
$(MSVC_USE_DEBUG_RUNTIME),debug,release)-dll-zlib-static-ipv6-sspi-schannel/lib/libcurl$(if
$(MSVC_USE_DEBUG_RUNTIME),_debug).lib \
)
else
$(call gb_LinkTarget_add_libs,$(1),\
diff --git a/external/curl/ExternalPackage_curl.mk
b/external/curl/ExternalPackage_curl.mk
index 3308074b363c..82979b110558 100644
--- a/external/curl/ExternalPackage_curl.mk
+++ b/external/curl/ExternalPackage_curl.mk
@@ -14,7 +14,7 @@ $(eval $(call
gb_ExternalPackage_use_external_project,curl,curl))
ifneq ($(DISABLE_DYNLOADING),TRUE)
ifeq ($(COM),MSC)
-$(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl$(if
$(MSVC_USE_DEBUG_RUNTIME),_debug).dll,builds/libcurl-vc12-$(if $(filter
X86_64,$(CPUNAME)),x64,x86)-$(if
$(MSVC_USE_DEBUG_RUNTIME),debug,release)-dll-ipv6-sspi-schannel/bin/libcurl$(if
$(MSVC_USE_DEBUG_RUNTIME),_debug).dll))
+$(eval $(call gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl$(if
$(MSVC_USE_DEBUG_RUNTIME),_debug).dll,builds/libcurl-vc12-$(if $(filter
X86_64,$(CPUNAME)),x64,x86)-$(if
$(MSVC_USE_DEBUG_RUNTIME),debug,release)-dll-zlib-static-ipv6-sspi-schannel/bin/libcurl$(if
$(MSVC_USE_DEBUG_RUNTIME),_debug).dll))
else ifeq ($(OS),MACOSX)
$(eval $(call
gb_ExternalPackage_add_file,curl,$(LIBO_LIB_FOLDER)/libcurl.4.dylib,lib/.libs/libcurl.4.dylib))
else ifeq ($(OS),AIX)
diff --git a/external/curl/ExternalProject_curl.mk
b/external/curl/ExternalProject_curl.mk
index 918238ce4135..b4ab0b88e55d 100644
--- a/external/curl/ExternalProject_curl.mk
+++ b/external/curl/ExternalProject_curl.mk
@@ -85,6 +85,7 @@ $(call gb_ExternalProject_get_state_target,curl,build):
ENABLE_IPV6=yes \
ENABLE_SSPI=yes \
ENABLE_WINSSL=yes \
+ WITH_ZLIB=static \
,winbuild)
endif
diff --git a/external/curl/UnpackedTarball_curl.mk
b/external/curl/UnpackedTarball_curl.mk
index 2cdfbfc08632..a5421d253871 100644
--- a/external/curl/UnpackedTarball_curl.mk
+++ b/external/curl/UnpackedTarball_curl.mk
@@ -21,6 +21,7 @@ $(eval $(call gb_UnpackedTarball_fix_end_of_line,curl,\
$(eval $(call gb_UnpackedTarball_add_patches,curl,\
external/curl/curl-msvc.patch.1 \
+ external/curl/curl-msvc-zlib.patch.1 \
external/curl/curl-msvc-disable-protocols.patch.1 \
external/curl/curl-7.26.0_win-proxy.patch \
external/curl/zlib.patch.0 \
diff --git a/external/curl/curl-msvc-zlib.patch.1
b/external/curl/curl-msvc-zlib.patch.1
new file mode 100644
index 000000000000..654303c21874
--- /dev/null
+++ b/external/curl/curl-msvc-zlib.patch.1
@@ -0,0 +1,16 @@
+find internal zlib in nmake buildsystem
+
+--- curl/winbuild/MakefileBuild.vc.orig2 2021-10-27 20:44:48.685237000
+0200
++++ curl/winbuild/MakefileBuild.vc 2021-10-27 20:47:23.792407400 +0200
+@@ -222,8 +222,9 @@
+ ZLIB_LIB_DIR = $(ZLIB_PATH)\lib
+ ZLIB_LFLAGS = $(ZLIB_LFLAGS) "/LIBPATH:$(ZLIB_LIB_DIR)"
+ !ELSE
+-ZLIB_INC_DIR = $(DEVEL_INCLUDE)
+-ZLIB_LIB_DIR = $(DEVEL_LIB)
++ZLIB_INC_DIR = $(WORKDIR)/UnpackedTarball/zlib
++ZLIB_LIB_DIR = $(WORKDIR)/LinkTarget/StaticLibrary
++ZLIB_LFLAGS = $(ZLIB_LFLAGS) "/LIBPATH:$(ZLIB_LIB_DIR)"
+ !ENDIF
+
+ # Depending on how zlib is built the libraries have different names, we
commit 0c5f049d5420e0ae4ee46f93e27dae5ff069d41a
Author: Jan-Marek Glogowski <glo...@fbihome.de>
AuthorDate: Thu Oct 1 12:57:53 2020 +0200
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:04:40 2023 +0100
nss: restore manual pre-dependency build
We had some seldom build failures on Windows, with errors like:
PermissionError: [WinError 32] The process cannot access the file
because it is being used by another process: '..../nssckmdt.h'.
This happens, because of the "." / parent shell hack. Thinking
about it again, it doesn't prevent the parent make to run in
parallel to the "." directory make. So I tried to use a terminal
match-all rule like
ifneq (,$(filter .,$(DIRS)))
%::
# empty terminal rule triggered
$(error can't happen)
endif
to stop the original parent make, but that doesn't work and the
$(error ...) is triggered.
So AFAIK I'm out of options here and have to restore the old
manual pre-dependency build variant - still much better then no
parallel build.
An alternative idea was to put the rest of the rules.mk in the
"else" of the terminal rule, to skip all normal rules, but this
still leaves out all rules from the rest of the make-files,
which might result in some hard to debug errors.
This reverts my upstream patch 15608:744881490c78.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103777
Tested-by: Jenkins
Reviewed-by: Tor Lillqvist <t...@collabora.com>
Reviewed-by: Jan-Marek Glogowski <glo...@fbihome.de>
(cherry picked from commit d2f9c55e065d559de903d540da28502646714a24)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/104837
Tested-by: Michael Stahl <michael.st...@cib.de>
Reviewed-by: Michael Stahl <michael.st...@cib.de>
Change-Id: I9e2e9e1ec9f35697c7853c92f60434f514cba5ab
diff --git a/external/nss/UnpackedTarball_nss.mk
b/external/nss/UnpackedTarball_nss.mk
index 53ce6c34fe61..c6e2b8510db0 100644
--- a/external/nss/UnpackedTarball_nss.mk
+++ b/external/nss/UnpackedTarball_nss.mk
@@ -26,6 +26,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,nss,\
external/nss/nss.bzmozilla1238154.patch \
external/nss/nss-bz1646594.patch.1 \
external/nss/macos-dlopen.patch.0 \
+ external/nss/nss-restore-manual-pre-dependencies.patch.1 \
$(if $(filter iOS,$(OS)), \
external/nss/nss-ios.patch) \
$(if $(filter ANDROID,$(OS)), \
commit 966063f267dd2c96aa36082338f443eda03f7e8b
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Tue Feb 21 11:11:42 2023 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:03:23 2023 +0100
nss: upgrade to release 3.88.1
Fixes CVE-2023-0767 CVE-2022-3479
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/147387
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 538975a0e511ad79a7dd3c71300b993d1554cd03)
Change-Id: I688dc7d0785ed3344c33e331c7e9ef37baa720ee
diff --git a/download.lst b/download.lst
index c1ee44aad377..055b7ed66e22 100644
--- a/download.lst
+++ b/download.lst
@@ -205,8 +205,8 @@ export MYTHES_SHA256SUM :=
1e81f395d8c851c3e4e75b568e20fa2fa549354e75ab397f9de4b
export MYTHES_TARBALL := a8c2c5b8f09e7ede322d5c602ff6a4b6-mythes-1.2.4.tar.gz
export NEON_SHA256SUM :=
db0bd8cdec329b48f53a6f00199c92d5ba40b0f015b153718d1b15d3d967fbca
export NEON_TARBALL := neon-0.30.2.tar.gz
-export NSS_SHA256SUM :=
8b5a2e9e3d632a78ad4d9c8d2ea502d2790d7a8e7b1986d173107232eca27432
-export NSS_TARBALL := nss-3.86-with-nspr-4.35.tar.gz
+export NSS_SHA256SUM :=
fcfa26d2738ec5b0cf72ab4be784eac832a75132cda2e295799c04d62a93607a
+export NSS_TARBALL := nss-3.88.1-with-nspr-4.35.tar.gz
export ODFGEN_SHA256SUM :=
55200027fd46623b9bdddd38d275e7452d1b0ff8aeddcad6f9ae6dc25f610625
export ODFGEN_VERSION_MICRO := 8
export ODFGEN_TARBALL := libodfgen-0.1.$(ODFGEN_VERSION_MICRO).tar.xz
commit 15f03b42d95e46d6fbe3d1e29423f12b3f4eaf67
Author: Taichi Haradaguchi <20001...@ymail.ne.jp>
AuthorDate: Mon Nov 21 23:33:32 2022 +0900
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Sat Mar 25 19:02:49 2023 +0100
nss: upgrade to release 3.86.0
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/143038
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caol...@redhat.com>
(cherry picked from commit a2969884af71e88d2541bd2bfdebea222876fef4)
Change-Id: Ia236c7124d920785f7a2856db5ee1ccbef7a2d68
diff --git a/download.lst b/download.lst
index c7f156c25184..c1ee44aad377 100644
--- a/download.lst
+++ b/download.lst
@@ -205,8 +205,8 @@ export MYTHES_SHA256SUM :=
1e81f395d8c851c3e4e75b568e20fa2fa549354e75ab397f9de4b
export MYTHES_TARBALL := a8c2c5b8f09e7ede322d5c602ff6a4b6-mythes-1.2.4.tar.gz
export NEON_SHA256SUM :=
db0bd8cdec329b48f53a6f00199c92d5ba40b0f015b153718d1b15d3d967fbca
export NEON_TARBALL := neon-0.30.2.tar.gz
-export NSS_SHA256SUM :=
b1e1198fa7ee4e0fe4fa6937245c94820fd3c3c6897779493858af1bf6310b30
-export NSS_TARBALL := nss-3.83-with-nspr-4.34.1.tar.gz
+export NSS_SHA256SUM :=
8b5a2e9e3d632a78ad4d9c8d2ea502d2790d7a8e7b1986d173107232eca27432
+export NSS_TARBALL := nss-3.86-with-nspr-4.35.tar.gz
export ODFGEN_SHA256SUM :=
55200027fd46623b9bdddd38d275e7452d1b0ff8aeddcad6f9ae6dc25f610625
export ODFGEN_VERSION_MICRO := 8
export ODFGEN_TARBALL := libodfgen-0.1.$(ODFGEN_VERSION_MICRO).tar.xz
diff --git a/external/nss/UnpackedTarball_nss.mk
b/external/nss/UnpackedTarball_nss.mk
index c2195f45aa14..53ce6c34fe61 100644
--- a/external/nss/UnpackedTarball_nss.mk
+++ b/external/nss/UnpackedTarball_nss.mk
@@ -24,7 +24,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,nss,\
external/nss/nss.vs2015.patch \
external/nss/nss.vs2015.pdb.patch \
external/nss/nss.bzmozilla1238154.patch \
- external/nss/nss-bz1646594.patch.1 \
+ external/nss/nss-bz1646594.patch.1 \
external/nss/macos-dlopen.patch.0 \
$(if $(filter iOS,$(OS)), \
external/nss/nss-ios.patch) \
diff --git a/external/nss/asan.patch.1 b/external/nss/asan.patch.1
index ce584a34a3b5..ccabd446ebac 100644
--- a/external/nss/asan.patch.1
+++ b/external/nss/asan.patch.1
@@ -1,7 +1,7 @@
diff -ur nss.org/nss/coreconf/Linux.mk nss/nss/coreconf/Linux.mk
--- nss.org/nss/coreconf/Linux.mk 2014-05-06 04:36:01.817838877 +0200
+++ nss/nss/coreconf/Linux.mk 2014-05-06 04:37:25.387835456 +0200
-@@ -146,7 +146,7 @@
+@@ -157,7 +157,7 @@
# we don't use -z defs there.
# Also, -z defs conflicts with Address Sanitizer, which emits relocations
# against the libsanitizer runtime built into the main executable.
diff --git a/external/nss/clang-cl.patch.0 b/external/nss/clang-cl.patch.0
index 1d615c2397d8..04e21e7003d0 100644
--- a/external/nss/clang-cl.patch.0
+++ b/external/nss/clang-cl.patch.0
@@ -14,7 +14,7 @@
#pragma intrinsic(_InterlockedExchange)
--- nspr/pr/include/prbit.h
+++ nspr/pr/include/prbit.h
-@@ -14,7 +14,7 @@
+@@ -15,7 +15,7 @@
*/
#if defined(_WIN32) && (_MSC_VER >= 1300) && \
(defined(_M_IX86) || defined(_M_X64) || defined(_M_ARM) || \
@@ -23,7 +23,7 @@
# include <intrin.h>
# pragma intrinsic(_BitScanForward,_BitScanReverse)
__forceinline static int __prBitScanForward32(unsigned int val)
-@@ -32,7 +32,7 @@
+@@ -33,7 +33,7 @@
# define pr_bitscan_ctz32(val) __prBitScanForward32(val)
# define pr_bitscan_clz32(val) __prBitScanReverse32(val)
# define PR_HAVE_BUILTIN_BITSCAN32
@@ -32,7 +32,7 @@
(defined(__i386__) || defined(__x86_64__) || defined(__arm__) || \
defined(__aarch64__))
# define pr_bitscan_ctz32(val) __builtin_ctz(val)
-@@ -136,7 +136,7 @@
+@@ -138,7 +138,7 @@
*/
#if defined(_MSC_VER) && (defined(_M_IX86) || defined(_M_AMD64) || \
@@ -63,7 +63,7 @@
#define CERTDB_VALID_PEER CERTDB_TERMINAL_RECORD
--- nss/lib/util/pkcs11n.h
+++ nss/lib/util/pkcs11n.h
-@@ -426,7 +426,7 @@
+@@ -563,7 +563,7 @@
/* keep the old value for compatibility reasons*/
#define CKT_NSS_MUST_VERIFY ((__CKT_NSS_MUST_VERIFY)(CKT_NSS + 4))
#else
@@ -80,7 +80,7 @@
# in the outer pkcs11t.h:
--- nss/lib/util/pkcs11t.h
+++ nss/lib/util/pkcs11t.h
-@@ -72,7 +72,14 @@
+@@ -78,7 +78,14 @@
#define CK_INVALID_HANDLE 0
/* pack */
@@ -95,7 +95,7 @@
typedef struct CK_VERSION {
CK_BYTE major; /* integer portion of version number */
-@@ -1795,6 +1802,13 @@
+@@ -2586,6 +2593,13 @@
#include "pkcs11n.h"
/* undo packing */
diff --git a/external/nss/macos-dlopen.patch.0
b/external/nss/macos-dlopen.patch.0
index 1889b8df7cd3..e8abc8f59c69 100644
--- a/external/nss/macos-dlopen.patch.0
+++ b/external/nss/macos-dlopen.patch.0
@@ -1,6 +1,6 @@
--- nspr/pr/src/linking/prlink.c
+++ nspr/pr/src/linking/prlink.c
-@@ -799,7 +799,7 @@
+@@ -555,7 +555,7 @@
* The reason is that DARWIN's dlopen ignores the provided path
* and checks for the plain filename in DYLD_LIBRARY_PATH,
* which could load an unexpected version of a library. */
diff --git a/external/nss/nss-android.patch.1 b/external/nss/nss-android.patch.1
index 3b6415c23167..ebb1df2d00f9 100644
--- a/external/nss/nss-android.patch.1
+++ b/external/nss/nss-android.patch.1
@@ -1,7 +1,7 @@
diff -ur nss.org/nspr/build/autoconf/config.sub
nss/nspr/build/autoconf/config.sub
--- nss.org/nspr/build/autoconf/config.sub 2017-09-07 15:29:45.031246453
+0200
+++ nss/nspr/build/autoconf/config.sub 2017-09-07 15:32:13.087235423 +0200
-@@ -111,6 +111,11 @@
+@@ -110,6 +110,11 @@
exit 1;;
esac
@@ -16,7 +16,7 @@ diff -ur nss.org/nspr/build/autoconf/config.sub
nss/nspr/build/autoconf/config.s
diff -ur nss.org/nspr/configure nss/nspr/configure
--- nss.org/nspr/configure 2017-09-07 15:29:45.018246359 +0200
+++ nss/nspr/configure 2017-09-07 15:31:47.604075663 +0200
-@@ -2737,18 +2739,15 @@
+@@ -2728,18 +2728,15 @@
esac
AS="$android_toolchain"/bin/"$android_tool_prefix"-as
@@ -41,7 +41,8 @@ diff -ur nss.org/nspr/configure nss/nspr/configure
diff -ur nss.org/nss/Makefile nss/nss/Makefile
--- nss.org/nss/Makefile 2017-09-07 15:29:44.933245745 +0200
+++ nss/nss/Makefile 2017-09-07 15:32:04.347181076 +0200
-@@ -62,6 +62,6 @@
+@@ -65,7 +65,7 @@
+
ifeq ($(OS_TARGET),Android)
NSPR_CONFIGURE_OPTS += --with-android-ndk=$(ANDROID_NDK) \
- --target=$(ANDROID_PREFIX) \
diff --git a/external/nss/nss-restore-manual-pre-dependencies.patch.1
b/external/nss/nss-restore-manual-pre-dependencies.patch.1
new file mode 100644
index 000000000000..ea034f0dc80f
--- /dev/null
+++ b/external/nss/nss-restore-manual-pre-dependencies.patch.1
@@ -0,0 +1,83 @@
+Revert of upstream:
+
+changeset: 15608:744881490c78
+user: Jan-Marek Glogowski <glo...@fbihome.de>
+date: Wed May 13 19:00:40 2020 +0000
+summary: Bug 1637083 Replace pre-dependency with shell hack r=rrelyea
+
+--- b/nss/coreconf/rules.mk Wed May 13 19:00:40 2020 +0000
++++ a/nss/coreconf/rules.mk Tue May 12 21:33:43 2020 +0000
+@@ -31,21 +31,10 @@
+ USE_NT_C_SYNTAX=1
+ endif
+
+-# For whatever reason, "." can't be handled using make conditionals.
+-# Based on automake's SUBDIRS "." handling.
+ ifdef DIRS
+ ifndef IGNORE_DIRS
+-ifneq (,$(filter .,$(DIRS)))
+-TARGETS = $(NULL)
+-ALL_TRASH = $(NULL)
+-endif
+-
+ $(DIRS):
++ $(IGNORE_ERROR)@$(MAKE) -C $@ $(MAKECMDGOALS)
+- $(IGNORE_ERROR)@if [ "$@" != "." ]; then \
+- $(MAKE) -C $@ $(MAKECMDGOALS) ; \
+- else \
+- IGNORE_DIRS=1 $(MAKE) -C $@ $(MAKECMDGOALS) ; \
+- fi
... etc. - the rest is truncated
